Date: Mon, 11 Jan 2021 13:38:40 +0100 From: Jaroslav Tulach <jaroslav.tulach@...il.com> To: Apache NetBeans <dev@...beans.apache.org>, Jonathan Leitschuh <jonathan.leitschuh@...il.com>, Apache Security Team <security@...che.org>, oss-security@...ts.openwall.com Subject: [CVE-2020-17534] HTML/Java API 1.7: A race condition between deletion of the temporary file and creation of the temporary directory CVE-ID------CVE-2020-17534 Summary-------A race condition between the deletion of the temporary file and creation of the temporary directory There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in `webkit` subproject of HTML/Java API version 1.7. A similar vulnerability has recently been disclosed in other Java projects and the fix in HTML/Java API version 1.7.1 follows theirs: To avoid local privilege escalation version 1.7.1 creates the temporary directory atomically without dealing with the temporary file: https:// github.com/apache/netbeans-html4j/commit/ fa70e507e5555e1adb4f6518479fc408a7abd0e6 ----------- - Avoid using webkit presenter 1.7 - Update to HTML/Java API 1.7.1 Credit:-------The problem was identified by Jonathan Leitschuh --------  https://github.com/apache/netbeans-html4j/commit/ fa70e507e5555e1adb4f6518479fc408a7abd0e6
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.