Date: Mon, 14 Jan 2013 11:08:39 -0500 (EST) From: Jan Lieskovsky <jlieskov@...hat.com> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org>, Michael Scherer <misc@...b.org> Subject: CVE Request -- redis: Two insecure temporary file use flaws Hello Kurt, Steve, vendors, Issue #1: ========= Michael Scherer in the following Red Hat bugzilla:  https://bugzilla.redhat.com/show_bug.cgi?id=894659 pointed out, Redis, a persistent key-value database of version 2.4 to be prone to temporary file use in src/redis.c: server.vm_swap_file = zstrdup("/tmp/redis-%p.vm");  https://bugzilla.redhat.com/show_bug.cgi?id=894659#c0 Note: This problem was fix by the patch  below. Issue #2: ========= When searching for a patch, that corrected the issue  above, found out it was patch  https://github.com/antirez/redis/commit/697af434fbeb2e3ba2ba9687cd283ed1a2734fa5 , but it also introduced another insecure temporary flaw in src/redis.c: 776 + server.ds_path = zstrdup("/tmp/redis.ds"); Note: Issue #2 is also fixed in recent upstream 2.6.7 / 2.6.8 versions. If you want me to find exact patch, which corrected the second problem, let me know and i will provide the commit id. Could you allocate (two) CVE ids for these issues? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ