On Thu, 30 Jan 2014 09:26:33 -0500 (EST) cve-ass...@mitre.org wrote: > > If a local attacker can predict this filename, and precreates a > > symlink with the same filename that points to an arbitrary directory > > with mode 755, owner root and group root, then the attacker will > > succeed in making Phusion Passenger write files and create > > subdirectories inside that target directory. > > > > It is fixed in upstream version 4.0.33. > > > > https://github.com/phusion/passenger/commit/34b1087870c2bf85ebfd72c30b78577e10ab9744
... > Use CVE-2014-1831 for the vulnerability with the "before 4.0.33" > affected versions. > > Use CVE-2014-1832 for the vulnerability with the "4.0.33 and earlier" > affected versions. Note that while the original CVE request mentions version 4.0.33, that seems like a typo as upstream NEWS file indicates: Fixed versions: 4.0.37. Consequently, the above should be "before 4.0.37" and "4.0.37 and earlier" (or "before 4.0.38"). -- Tomas Hoger / Red Hat Security Response Team _______________________________________________ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
