Your message dated Sat, 17 May 2008 12:47:15 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#480724: fixed in vlc 0.8.6.c-6+lenny5
has caused the Debian Bug report #480724,
regarding vlc: CVE-2008-2147 untrusted search path vulnerability for module
library
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
480724: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480724
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: vlc
Severity: grave
Tags: security patch
Hi,
vlc is vulnerable to a local privilege escalation[0]:
| At startup, VLC recursively scans the modules/ and plugins/ subdirectories
from
| the current working directory, and tries to execute the vlc_entry__0_8_6 (or
| another in other VLC versions) symbol from any file matching the
| "lib*_plugin.so" pattern.
An attacker could use this to execute code by providing a crafted library file.
Patch:
http://git.videolan.org/?p=vlc.git;a=commit;h=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181
This issue doesn't have a CVE id yet, I already request one and will update
this bug report if I got it.
Make sure to use it on your changelog then if you close the bug.
[0] https://trac.videolan.org/vlc/ticket/1578
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpw6tvoC0e4F.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: vlc
Source-Version: 0.8.6.c-6+lenny5
We believe that the bug you reported is fixed in the latest version of
vlc, which is due to be installed in the Debian FTP archive:
libvlc0-dev_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/libvlc0-dev_0.8.6.c-6+lenny5_amd64.deb
libvlc0_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/libvlc0_0.8.6.c-6+lenny5_amd64.deb
mozilla-plugin-vlc_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/mozilla-plugin-vlc_0.8.6.c-6+lenny5_amd64.deb
vlc-nox_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc-nox_0.8.6.c-6+lenny5_amd64.deb
vlc-plugin-alsa_0.8.6.c-6+lenny5_all.deb
to pool/main/v/vlc/vlc-plugin-alsa_0.8.6.c-6+lenny5_all.deb
vlc-plugin-arts_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc-plugin-arts_0.8.6.c-6+lenny5_amd64.deb
vlc-plugin-esd_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc-plugin-esd_0.8.6.c-6+lenny5_amd64.deb
vlc-plugin-ggi_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc-plugin-ggi_0.8.6.c-6+lenny5_amd64.deb
vlc-plugin-jack_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc-plugin-jack_0.8.6.c-6+lenny5_amd64.deb
vlc-plugin-sdl_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc-plugin-sdl_0.8.6.c-6+lenny5_amd64.deb
vlc-plugin-svgalib_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc-plugin-svgalib_0.8.6.c-6+lenny5_amd64.deb
vlc_0.8.6.c-6+lenny5.diff.gz
to pool/main/v/vlc/vlc_0.8.6.c-6+lenny5.diff.gz
vlc_0.8.6.c-6+lenny5.dsc
to pool/main/v/vlc/vlc_0.8.6.c-6+lenny5.dsc
vlc_0.8.6.c-6+lenny5_amd64.deb
to pool/main/v/vlc/vlc_0.8.6.c-6+lenny5_amd64.deb
wxvlc_0.8.6.c-6+lenny5_all.deb
to pool/main/v/vlc/wxvlc_0.8.6.c-6+lenny5_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <[EMAIL PROTECTED]> (supplier of updated vlc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 16 May 2008 17:45:15 +0200
Source: vlc
Binary: vlc vlc-nox libvlc0 libvlc0-dev vlc-plugin-esd vlc-plugin-alsa
vlc-plugin-sdl vlc-plugin-ggi vlc-plugin-glide vlc-plugin-arts
mozilla-plugin-vlc vlc-plugin-svgalib wxvlc vlc-plugin-jack
Architecture: source all amd64
Version: 0.8.6.c-6+lenny5
Distribution: testing-security
Urgency: high
Maintainer: Debian multimedia packages maintainers <[EMAIL PROTECTED]>
Changed-By: Nico Golde <[EMAIL PROTECTED]>
Description:
libvlc0 - multimedia player and streamer library
libvlc0-dev - development files for VLC
mozilla-plugin-vlc - multimedia plugin for web browsers based on VLC
vlc - multimedia player and streamer
vlc-nox - multimedia player and streamer (without X support)
vlc-plugin-alsa - dummy transitional package
vlc-plugin-arts - aRts audio output plugin for VLC
vlc-plugin-esd - Esound audio output plugin for VLC
vlc-plugin-ggi - GGI video output plugin for VLC
vlc-plugin-glide - Glide video output plugin for VLC
vlc-plugin-jack - Jack audio plugins for VLC
vlc-plugin-sdl - SDL video and audio output plugin for VLC
vlc-plugin-svgalib - SVGAlib video output plugin for VLC
wxvlc - dummy transitional package
Closes: 477734 478971 480370 480724 481417
Changes:
vlc (0.8.6.c-6+lenny5) testing-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix regression introduced by latest security upload which
did not properly define FREENULL (Closes: #478971,#481417,#477734).
* Fix untrusted search path vulnerability by not loading libraries
from plugins and modules directories in the current working
directory (CVE-2008-2147; Closes: #480724).
* Fix arbitrary file overwriting via a crafted playlist or an EXTLVLCOPT
statement in an mp3 file by partially disabling this functionality
for the browser plugin (CVE-2007-6683; Closes: #480370).
Checksums-Sha1:
ea14947f817761070c6e7ca7e3e732e5acbdd77b 3101 vlc_0.8.6.c-6+lenny5.dsc
20f531ba94a8ae1d86bbf48c45c4fb311cab3f4e 42551 vlc_0.8.6.c-6+lenny5.diff.gz
9428d95345dea27b7cd3d9cefbba013bf1ec2852 806
vlc-plugin-alsa_0.8.6.c-6+lenny5_all.deb
119c4115ce19c92689749f40fb3a58491bc4a450 798 wxvlc_0.8.6.c-6+lenny5_all.deb
3724b5fea58340d859dd44f9b7913bc9e190ffb1 1160526 vlc_0.8.6.c-6+lenny5_amd64.deb
a33beee8df4a7aba42eab28cf5a73299efa2795f 4663242
vlc-nox_0.8.6.c-6+lenny5_amd64.deb
ddd6049e74bfd818117df8af778e7cce8b167fed 457544
libvlc0_0.8.6.c-6+lenny5_amd64.deb
ae69a10270bc7507bac9023a1f1778a1d0ce85fb 504512
libvlc0-dev_0.8.6.c-6+lenny5_amd64.deb
8b688aafc19b31597c90cd1ffb52dc0840ff5e4b 4542
vlc-plugin-esd_0.8.6.c-6+lenny5_amd64.deb
a204fa11823efe91f6d431de5ff60a0f9cc46969 11650
vlc-plugin-sdl_0.8.6.c-6+lenny5_amd64.deb
17ebab15e6a9a044c4447f69033f61d3ef9ced49 6220
vlc-plugin-ggi_0.8.6.c-6+lenny5_amd64.deb
c1301d19b8d00b8dd29bb31f6d90952bcadd6ac0 4194
vlc-plugin-arts_0.8.6.c-6+lenny5_amd64.deb
676492075dfdcafdf4808eabd18736202f6d87e2 38586
mozilla-plugin-vlc_0.8.6.c-6+lenny5_amd64.deb
3cfb1989e1506d3459b4c3392c46bc4c769ed1de 4810
vlc-plugin-svgalib_0.8.6.c-6+lenny5_amd64.deb
fe77a85c508da569b810714ee91006d497bcfc8a 4882
vlc-plugin-jack_0.8.6.c-6+lenny5_amd64.deb
Checksums-Sha256:
48ee1c08ec3e56225ec6d786dd1cc2bddd16974ad491e32f629b05eb63906ce7 3101
vlc_0.8.6.c-6+lenny5.dsc
7cbbcda3ff9df68b64e30ad7c7463f2d82b1d7248fbecc8862578dd49f98ec3a 42551
vlc_0.8.6.c-6+lenny5.diff.gz
34d16c5377ebde80970b045caec97398553f7b96ee991f7ef9be5416876f89bb 806
vlc-plugin-alsa_0.8.6.c-6+lenny5_all.deb
85e25f90470d1c0e0517dbea58f33a7d4c3828b05fec751fb07963e7d64cf65a 798
wxvlc_0.8.6.c-6+lenny5_all.deb
ba35990a3c087451f682685ebd609c8dc14db179efbfcbb03c71cce58f8fe0b5 1160526
vlc_0.8.6.c-6+lenny5_amd64.deb
56fd8a2a67a6b5ae1c11e2fe88617c6857e9f07684ecf1c56a1edf6b0c68242e 4663242
vlc-nox_0.8.6.c-6+lenny5_amd64.deb
93153cc6a596885564507f30be0b7fa78e1c942d8eb6dec6186096244de0175d 457544
libvlc0_0.8.6.c-6+lenny5_amd64.deb
a41fc8822c7a59712e620c9cc2f79d90b750f78d9889fcf1259d309fa668431b 504512
libvlc0-dev_0.8.6.c-6+lenny5_amd64.deb
dfe8f4e71f0ac535cdd3e981b70e80091c6010bab51bdeff8b833fd9b81656f1 4542
vlc-plugin-esd_0.8.6.c-6+lenny5_amd64.deb
6b24ae3c7da8c89a12beb5ab6a260c955a97cb59ee18e1992f979379e6b1b29d 11650
vlc-plugin-sdl_0.8.6.c-6+lenny5_amd64.deb
84d1a2d1fed33c017839d6b9024085807675b5b467dadb2a46cfc8dd61dae2b7 6220
vlc-plugin-ggi_0.8.6.c-6+lenny5_amd64.deb
e64e1d7bc09aef6c13b21cdbd8342387f4a31d0c9c7f59f8523acf598655cfa6 4194
vlc-plugin-arts_0.8.6.c-6+lenny5_amd64.deb
ed888e560876a14923bd2a1e9a6e3afe76e6a0dfdc028db8950d7ebc4030addf 38586
mozilla-plugin-vlc_0.8.6.c-6+lenny5_amd64.deb
ec40244366eeb927c9a18d05c5f3e8b3beaf55f047609d7e5321ce1475620926 4810
vlc-plugin-svgalib_0.8.6.c-6+lenny5_amd64.deb
b8e5ae63a6a89b27588f695c367eae59821c7ae4c9eca581d49f655568a74cd0 4882
vlc-plugin-jack_0.8.6.c-6+lenny5_amd64.deb
Files:
3b85a62952ccc256cdfc5266dddb47b4 3101 graphics optional
vlc_0.8.6.c-6+lenny5.dsc
6ac33fa2a8e49507abf51a2bc66658b8 42551 graphics optional
vlc_0.8.6.c-6+lenny5.diff.gz
d560dda9b106e5724cc4c8737e486dbd 806 graphics optional
vlc-plugin-alsa_0.8.6.c-6+lenny5_all.deb
89ed99225a0b23eaeb411480d9db8a19 798 graphics optional
wxvlc_0.8.6.c-6+lenny5_all.deb
bcf1ddaf317ce94d7ef74eddc737dd39 1160526 graphics optional
vlc_0.8.6.c-6+lenny5_amd64.deb
006b8241652c33733ad3376cad891a64 4663242 net optional
vlc-nox_0.8.6.c-6+lenny5_amd64.deb
2b4927e6ab6651dc856aadf60192ba02 457544 libs optional
libvlc0_0.8.6.c-6+lenny5_amd64.deb
f571f189fc9308a4f814eb189bff5f62 504512 libdevel optional
libvlc0-dev_0.8.6.c-6+lenny5_amd64.deb
3e0320aa9dae5a7eb55cd4c73b347f06 4542 graphics optional
vlc-plugin-esd_0.8.6.c-6+lenny5_amd64.deb
01cd441f4e28b3b45aca95c08c8d7969 11650 graphics optional
vlc-plugin-sdl_0.8.6.c-6+lenny5_amd64.deb
59e60b246a848c13d504a23a1864daa9 6220 graphics optional
vlc-plugin-ggi_0.8.6.c-6+lenny5_amd64.deb
fcf8cbf36fb79f2a551348e6ce368c8c 4194 graphics optional
vlc-plugin-arts_0.8.6.c-6+lenny5_amd64.deb
c7272c90d970aecc2372ae33a93244ff 38586 graphics optional
mozilla-plugin-vlc_0.8.6.c-6+lenny5_amd64.deb
6641ae7313dde0b9d0857f21d40eacab 4810 graphics optional
vlc-plugin-svgalib_0.8.6.c-6+lenny5_amd64.deb
f747d4195d95854859716c07da455e4b 4882 graphics optional
vlc-plugin-jack_0.8.6.c-6+lenny5_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFILcpEHYflSXNkfP8RAv8VAJ9QRZVVXiKXcMJep9epTJMbq5wegwCgro61
0DRsVlwI7L+GSJIjRy/DCpk=
=jQkQ
-----END PGP SIGNATURE-----
--- End Message ---