Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 16 Jul 2016 10:25:08 -0400 (EDT)
From: cve-assign@...re.org
To: faure@....org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, kde-security@....org
Subject: Re: CVE Request for KNewStuff/KArchive issue

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> When using KNewStuff, one of the KDE Frameworks, to download and install files
> from the internet (e.g. a wallpaper, a plasma applet, etc.), it was possible
> to download a maliciously crafted archive file (e.g. tar.gz or zip) containing
> relative paths leading to outside the extraction directory (say
> "../../../.bashrc" for instance).
> 
> The fix has already been reviewed and submitted:
>    https://git.reviewboard.kde.org/r/128185/
> This fix is one layer below KNewStuff, in the framework called KArchive, which
> handles extraction of .tar.gz / .zip archives. KArchive now prevents files from
> being written outside of the extraction directory, in all cases.

>> Switch to Tar's default behavior to avoid extraction
>> to arbitrary system locations outside of extraction folder. Instead,
>> extract such files to root location in extraction folder.
>> 
>> Submitted with commit 0cb243f64eef45565741b27364cece7d5c349c37 ... to branch master

Use CVE-2016-6232.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXikNtAAoJEHb/MwWLVhi245oP/2iuIOTUeddF7pINd0p9zPom
5OcVSolQNy3gaqYc/XlE36FbfnoLafjxW0NUO6xKWBs+ftbctcYWuCSJ4g8jodbI
+fFzuSCGzVwYbZR3L+Ew2pzs0HM34B4lql1lb8PNl++qXA4pQf1V/XrkaHL7ucUX
T/k/UAN3KNq1yluM+oxNcTajnzMd5rBKMwXgm1zDVx8k2A0NEgmUBbR6Iq5/MZRZ
+SMOFEYR9pJdc8CXjCr7MkvcYY+5/XQ8zQxj53N4yxpaPGPBQ+zbbKK5//IppWa+
AQEQHGn5nIz+FjekWMFm7vKXO61LFgwLFM1ZWD26ovb8NaFW2glgxtq3lB6suw94
8uKSW5YMnEnizcdUmNhHsdWjAGwU5AkEWagh07bd5XkE/4+DWXtfz0uBqrThXytb
9cY1YBth/9FYzac8ldfHxPjsc4dFuqG7Z+EdiR/mz4Emsjgca3YUcRfrz+M4+Xue
+TlpNX4JtraXe/Op2OvQTgJVzkpqNTVlvfxKO+GKJX4NN0wYlQJG8DdcKm0HgtvE
Ne1y/aMrOiB5JdP4I0OCuqGCx7MzGTNuiSXlNfEl0BWLg0Hmp3JIQ8SUMjTxi65N
0oXRxexw5BDw0voT5mHnD7mJjc1xMhtnMGaSmqjUJ8G2IaDf6l0m3l0pRU9WcdxY
fhHlAGOcUjFrFCQPvrv/
=F3ot
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ