[lookup-el] [CVE-2007-0237] possible local symlink attack

Bug #176931 reported by disabled.user
Affects | Status | Importance | Assigned to | Milestone
lookup-el (Gentoo Linux) | Fix Released | Low | |
lookup-el (Ubuntu) | Fix Released | Low | Emanuele Gentili |
Dapper | Fix Released | Low | Emanuele Gentili |
Edgy | Fix Released | Low | Emanuele Gentili |
Feisty | Fix Released | Low | Emanuele Gentili |

Bug Description

Binary package hint: lookup-el

References:
[1] GLSA 200712-07 (http://www.gentoo.org/security/en/glsa/glsa-200712-07.xml)
[2] Gentoo Bug 197306 (http://bugs.gentoo.org/show_bug.cgi?id=197306)
[3] DSA-1269-1 (http://www.debian.org/security/2007/dsa-1269)

Quoting [2]:
"Tatsuya Kinoshita discovered that Lookup, a search interface to electronic
dictionaries on emacsen, creates a temporary file in an insecure fashion when
the ndeb-binary feature is used, which allows a local attacker to craft a
symlink attack to overwrite arbitrary files."

Quite old and already fixed in Debian since March, but only recently reported at Gentoo, so I thought I might report it here as well. It may apply to the older Ubuntu releases.
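
The class of bug quoted above and the usual Emacs Lisp remedy, as an added example (not code from lookup-el or from the Debian/Ubuntu patch). All `demo-` names and the sample data are hypothetical.

```elisp
;;; temp-dir-demo.el --- added illustration -*- lexical-binding: t -*-
;; Not lookup-el's code.  Every `demo-' name here is hypothetical.

(defun demo-predictable-path (name)
  "Return NAME under the shared temp directory.
This is the risky pattern: the path is guessable, so another local
user can place a symlink there before the program writes to it."
  (expand-file-name name temporary-file-directory))

(defun demo-private-temp-dir (prefix)
  "Create and return a new directory with an unpredictable name.
`make-temp-file' with a non-nil DIR-FLAG creates the directory itself
and never reuses an entry that already exists."
  (let ((dir (make-temp-file prefix t)))
    (set-file-modes dir #o700)          ; owner-only, whatever the umask
    dir))

(defun demo-write-new-file (dir name text)
  "Write TEXT to NAME inside DIR, refusing to touch an existing entry.
MUSTBENEW `excl' makes `write-region' signal `file-already-exists'
if the name is taken, which includes a symlink at that name."
  (let ((file (expand-file-name name dir)))
    (write-region text nil file nil 'silent nil 'excl)
    (set-file-modes file #o600)
    file))

(defun demo-run ()
  "Exercise the safe pattern, then clean up.  Return t on success."
  (let* ((dir (demo-private-temp-dir "ndeb-demo-"))
         ;; Constructed sample data, stands in for the binary output.
         (file (demo-write-new-file dir "out.bin" "constructed sample")))
    (unwind-protect
        (and (file-directory-p dir)
             (not (file-symlink-p dir))
             (file-regular-p file)
             ;; No group/other permission bits on the directory.
             (= (logand (file-modes dir) #o077) 0)
             ;; A second write to the same name must be rejected.
             (condition-case nil
                 (progn (demo-write-new-file dir "out.bin" "x") nil)
               (file-already-exists t)))
      (delete-directory dir t))))
```

Evaluating `(demo-run)` in a scratch buffer returns `t` on a POSIX system when the directory is private and the exclusive-create check fires.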

Changed in lookup-el:
status: Unknown → Fix Released
Changed in lookup-el:
assignee: nobody → emgent
importance: Undecided → Low
status: New → In Progress
Emanuele Gentili (emgent) wrote :

+lookup-el (1.4-4ubuntu1) dapper-security; urgency=low
+
+ * SECURITY UPDATE:
+ - lisp/ndeb-binary.el: Make a temporary subdirectory securely. (LP: #176931)
+
+ * References
+ - http://www.debian.org/security/2007/dsa-1269
+ - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237
+
+ -- Emanuele Gentili <email address hidden> Wed, 20 Feb 2008 22:27:38 +0100
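Review bot: The version in the header line, 1.4-4ubuntu1, is not tied to the dapper release, and the same string is used for the feisty-security entry posted later in this thread. A security upload to a stable release should carry a version that is unique per release and sorts below the package version in the next release, so upgrades between releases still work; suggest a suffix that encodes the release, for example by appending the release number to an ubuntu0 base.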

Emanuele Gentili (emgent) wrote :

+lookup-el (1.4-4ubuntu1) feisty-security; urgency=low
+
+ * SECURITY UPDATE:
+ - lisp/ndeb-binary.el: Make a temporary subdirectory securely. (LP: #176931)
+
+ * References
+ - http://www.debian.org/security/2007/dsa-1269
+ - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237
+
+ -- Emanuele Gentili <email address hidden> Wed, 20 Feb 2008 22:39:29 +0100
+
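Review bot: The "SECURITY UPDATE:" line and its bullet say what was changed in lisp/ndeb-binary.el but not what the issue was; the CVE id appears only as a URL under "References". Suggest stating the problem on the SECURITY UPDATE line (insecure temporary file creation when the ndeb-binary feature is used, allowing a local symlink attack) and listing CVE-2007-0237 by id as its own bullet, so the entry is readable without following links. The header version 1.4-4ubuntu1 is also identical to the one in the dapper-security entry and needs to be distinct per release.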

Luca Falavigna (dktrkranz) wrote :

I'd suggest these versions:
Dapper: 1.4-4ubuntu0.6.06
Edgy: 1.4-4ubuntu0.6.10
Feisty: 1.4-4ubuntu0.7.04

Emanuele Gentili (emgent) wrote :

I am using Luca's suggestion.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lookup-el - 1.4-4ubuntu0.7.04

---------------
lookup-el (1.4-4ubuntu0.7.04) feisty-security; urgency=low

  * SECURITY UPDATE:
    - lisp/ndeb-binary.el: Make a temporary subdirectory securely. (LP: #176931)

  * References
    - http://www.debian.org/security/2007/dsa-1269
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237

 -- Emanuele Gentili <email address hidden> Wed, 20 Feb 2008 22:39:29 +0100

Changed in lookup-el:
status: In Progress → Fix Released
Changed in lookup-el (Gentoo Linux):
importance: Unknown → Low