Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sat, 13 Sep 2008 19:55:52 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE Request (gpicview)

On Tuesday 26 August 2008, Steven M. Christey wrote:
> > http://sourceforge.net/tracker/index.php?func=detail&aid=2019481&gr
> >oup_id=180858&atid=894869
> >
> > Possible symlink attack via the temporary created "/tmp/rot.jpg"
> > file used for image rotation.
>
> Use CVE-2008-3791

This issue (and CVE-2008-3904) have been resolved by r845, and released 
as 0.1.10:
http://lxde.svn.sourceforge.net/viewvc/lxde?view=rev&sortby=date&revision=845

Interestingly, upstream also fixed a bug in the open_url() function 
where invoking the browser would allow for code execution via shell 
metacharacters in the URL. However, from what I see the function is 
only called with URLs in the "about" box. Unfortunately, upstream calls 
this non-issue CVE-2008-3904. Patch here:
http://lxde.svn.sourceforge.net/viewvc/lxde?view=rev&sortby=date&revision=847


Regards,
Robert

Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.