[Security-team] [rbu at gentoo.org: [oss-security] CVE request: policyd-weight insecure temporary file creation]

Vladimir V. Kamarzin vvk at vvk.pp.ru
Mon Mar 31 11:40:26 MSD 2008


>>>>> On 29 Mar 2008 at 05:12 "DVL" == Dmitry V Levin writes:

DVL> Looks like this one is for you.

It turns out I removed the vulnerable code back on 09.06.2007, because the
chown/chmod calls made there are not needed at all in our setup and only get in
the way of the program's normal operation.

So a fresh version will come after the freeze.

DVL> From: Robert Buchholz <rbu at gentoo.org>
DVL> Subject: [oss-security] CVE request: policyd-weight insecure temporary file creation
DVL> To: oss-security at lists.openwall.com
DVL> Cc: Thijs Kinkhorst <thijs at debian.org>, Andrej Kacian <ticho at gentoo.org>, chris at chrishowells.co.uk
DVL> Date: Fri, 28 Mar 2008 01:27:56 +0100


DVL> Hey all,

DVL> quoting DSA-1531-1:
DVL> Chris Howells discovered that policyd-weight, a policy daemon for the 
DVL> Postfix mail transport agent, created its socket in an insecure way, 
DVL> which may be exploited to overwrite or remove arbitrary files from the 
DVL> local system.

DVL> References:
DVL> http://www.us.debian.org/security/2008/dsa-1531
DVL> https://bugs.gentoo.org/show_bug.cgi?id=214403
DVL> http://www.policyd-weight.org/

DVL> Please note that the 0.1.14.15 release and the patch introduced in the 
DVL> Debian package do not properly fix this vulnerability, it still 
DVL> contains a race condition. See the Gentoo bug for details.


-- 
WBR, Vladimir V. Kamarzin,

System Administrator
Tyumen State University, Institute of Distance Education
http://distance.ru/

ALT Linux Team
http://altlinux.ru/

Voice: +7 3452 798926
email: vvk at vvk.pp.ru
jabber: vvk at altlinux.org
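Added example, not part of this message and not policyd-weight's code: the fix the thread converges on is to stop fixing up the socket node with path-based chown/chmod after it exists, since every such call is a window in which the path can be swapped for something else. The pattern below creates the socket under a private directory made atomically with mkdir(0700), lets umask give the node its final mode at bind() time, and then verifies the node with lstat(). The directory and socket names, and the helper names themselves, are constructed for the demonstration.

```python
"""Binding a daemon's Unix socket without a path-based chown/chmod race.
Added illustration; the names below are constructed and not policyd-weight's."""
import os
import socket
import stat
import tempfile


def private_dir(path):
    """Create `path` as a 0700 directory owned by us, or verify that an
    existing one is exactly that. mkdir() is atomic and never follows a
    symlink, so a link planted at `path` makes it fail instead of
    redirecting us; lstat() keeps a link from passing as a directory."""
    try:
        os.mkdir(path, 0o700)
    except FileExistsError:
        st = os.lstat(path)
        if not stat.S_ISDIR(st.st_mode):
            raise RuntimeError(f"{path} exists but is not a directory")
        if st.st_uid != os.getuid():
            raise RuntimeError(f"{path} is owned by uid {st.st_uid}, not us")
        if st.st_mode & 0o077:
            raise RuntimeError(f"{path} is accessible to group/other")
    return path


def bind_private_socket(sock_path, mode=0o600):
    """Bind so the socket node is created with its final permissions.
    The mode comes from umask at bind() time, which removes the need for
    the later chmod()/chown() by path that the advisory calls racy.
    bind() on AF_UNIX refuses an existing path (EADDRINUSE), so nothing
    here follows a planted link; the only unlink is of our own stale node."""
    if os.path.lexists(sock_path):
        st = os.lstat(sock_path)
        if not stat.S_ISSOCK(st.st_mode) or st.st_uid != os.getuid():
            raise RuntimeError(f"refusing to remove {sock_path}: not our socket")
        os.unlink(sock_path)
    old_umask = os.umask(0o777 & ~mode)
    try:
        s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        s.bind(sock_path)
    finally:
        os.umask(old_umask)
    return s


def socket_node_ok(sock_path, mode=0o600):
    """Post-condition a daemon can log at startup: the node at the path is
    a socket, owned by us, with exactly the intended permission bits."""
    st = os.lstat(sock_path)
    return (stat.S_ISSOCK(st.st_mode)
            and st.st_uid == os.getuid()
            and stat.S_IMODE(st.st_mode) == mode)


def demo():
    """Run the whole sequence in a scratch directory and report whether the
    resulting socket node passes the check. Returns a bool."""
    base = tempfile.mkdtemp()
    d = private_dir(os.path.join(base, "policyd"))      # constructed name
    path = os.path.join(d, "sock")                      # constructed name
    s = bind_private_socket(path)
    try:
        ok = socket_node_ok(path)
    finally:
        s.close()
        os.unlink(path)
        os.rmdir(d)
        os.rmdir(base)
    return ok


if __name__ == "__main__":
    print(demo())
```

The design point is that every permission decision happens in a call that creates the object (mkdir, bind under umask) rather than in a call that names an object after the fact (chmod, chown); the lstat checks only confirm the outcome and never change anything, so there is nothing left for a local attacker to win in between.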