Date: Thu, 10 Jul 2014 21:23:48 +0200 From: Florian Weimer <fw@...eb.enyo.de> To: oss-security@...ts.openwall.com Subject: Re: CVE-2014-0475: glibc directory traversal in LC_* locale handling * Rich Felker: > Am I correct in assuming this affects most typical git setups (e.g. > gitolite) using ssh authorized_keys files with forced commands, where > the malicious file could simply be created as part of the git > repository? Probably, especially if there is a checkout of the repository in the file system under a predictable path. (I expect that most hosted repositories use the bare format.) I don't know how common this is with the existing Git hosting frameworks. Some of them don't use OpenSSH and may not implement environment variable processing at all. > Or are these usually setup to filter the environment? It seems fairly likely because unexpected, but benign locale settings would interfere with the hook script processing (which likely assume U.S. date formats and UTF-8).
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ