Date: Thu, 6 Feb 2014 14:27:04 +0100 From: Jakub Wilk <jwilk@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: [notification] CVE-2013-6888: uscan: remote code execution * Raphael Geissert <geissert@...ian.org>, 2014-01-06, 11:57: >Two other changes were made that IMO should be considered as hardening: >http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=4b7e58ee6000cdefac0682601cec6ecce0137467 I believe that untarring files to a direct subdirectory of /tmp (at least without --keep-old-files) is a vulnerability, although admittedly with very low severity. If the tarball contained a "." file, then tar would change permissions of the destination directory, possibly making the directly accessible to other users. This is (similar to?) CWE-378. >http://anonscm.debian.org/gitweb/?p=collab-maint/devscripts.git;a=commitdiff;h=b815aa438f018b5afc566eb403b0319a99a32995 As far as I can tell, this one is indeed hardening only. -- Jakub Wilk
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.