Date: Thu, 07 Jul 2011 10:56:35 -0500 From: Jamie Strandboge <jamie@...onical.com> To: William Cohen <wcohen@...hat.com> Cc: oss-security@...ts.openwall.com Subject: Re: Re: CVE Request -- oprofile -- Local privilege escalation via crafted opcontrol event parameter when authorized by sudo On Tue, 2011-05-10 at 17:05 -0400, William Cohen wrote: > The patches mentioned in the previous email. > > -Will Thanks for these patches. I was reviewing them and noticed that 0003-Avoid-blindly-source-SETUP_FILE-with.patch undoes the 'error_if_not_basename $arg $val' for --save added in 0002-Ensure-that-save-only-saves-things-in-SESSION_DIR.patch such that if you apply all 4 patches, method #2 from the Debian bug is no longer fixed. Attached is a patch to correct this (to be applied after the other 4). http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212#14 -- Jamie Strandboge | http://www.canonical.com View attachment "0005-add-back-error_if_not_basename.patch" of type "text/x-patch" (506 bytes) Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.