Insecure tempfile handling

Bug #1378680 reported by Michael Vogt on 2014-10-08
Affects                Status         Importance   Assigned to         Milestone
apt (Debian)           Fix Released   Unknown
apt (Ubuntu)                          Undecided    Michael Vogt
apt (Ubuntu Precise)                  Medium       Marc Deslauriers
apt (Ubuntu Trusty)                   Medium       Marc Deslauriers
apt (Ubuntu Utopic)                   Undecided    Michael Vogt

Bug Description

Apt creates the tempfile for apt-get changelog in an insecure fashion. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763780 for the details.

CVE References

CVE-2014-7206

Michael Vogt (mvo) wrote :
Changed in apt (Ubuntu Utopic):
assignee: nobody → Michael Vogt (mvo)
status: New → In Progress
Changed in apt (Debian):
status: Unknown → Fix Released
Marc Deslauriers (mdeslaur) wrote :

Thanks for the debdiffs, I'll prepare security updates.

Changed in apt (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in apt (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
status: New → Confirmed
Changed in apt (Ubuntu Trusty):
status: New → Confirmed
Changed in apt (Ubuntu Precise):
importance: Undecided → Medium
Changed in apt (Ubuntu Trusty):
importance: Undecided → Medium
tags: added: patch
Marc Deslauriers (mdeslaur) wrote :
Changed in apt (Ubuntu Precise):
status: Confirmed → Fix Released
Changed in apt (Ubuntu Trusty):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.0.9.2ubuntu1

---------------
apt (1.0.9.2ubuntu1) utopic; urgency=low

  * merge fixes from debian/sid, most importantly CVE-2014-7206
    (LP: #1378680)

apt (1.0.9.2) unstable; urgency=medium

  [ Michael Vogt ]
  * test/integration/test-apt-update-file: improve test
  * Fix regression when copy: is used for a relative path (Closes: #762160)
  * generalize Acquire::GzipIndex to support all compressions that
    apt supports
  * Fix regression for cdrom: sources from latest security update
  * Ensure that iTFRewritePackageOrder is "MD5sum" to match
    apt-ftparchive
  * debian/rules: add hardening=+all.
    Thanks to Simon Ruderich, Markus Waldeck

  [ Holger Wansing ]
  * German program translation update (Closes: 762223)

  [ Jérémy Bobbio ]
  * disable timestamps in the footer of docs by doxygen

  [ Trần Ngọc Quân ]
  * Set STRIP_FROM_PATH for doxygen

  [ Guillem Jover ]
  * apt-get: Create the temporary downloaded changelog inside tmpdir
    (closes: #763780)
 -- Michael Vogt <email address hidden> Wed, 08 Oct 2014 10:45:34 +0200

Changed in apt (Ubuntu Utopic):
status: In Progress → Fix Released
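The fix recorded in the changelog entry above, creating the downloaded changelog inside a private temporary directory rather than at a predictable path, shown as an added C example that is not apt's own code: the directory comes from mkdtemp(), the file is opened with O_EXCL|O_NOFOLLOW, and a helper checks the resulting ownership and permissions. The struct and function names are this example's own.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Scratch location for a downloaded changelog (names are this example's own). */
struct tmp_changelog {
    char dir[4096];  /* private directory from mkdtemp(), mode 0700 */
    char path[4120]; /* changelog file inside that directory */
    int fd;          /* open descriptor, or -1 */
};

/* Create the private directory first, then the file inside it; -1 on failure. */
int tmp_changelog_create(struct tmp_changelog *t)
{
    const char *base = getenv("TMPDIR");
    if (base == NULL || *base == '\0') base = "/tmp";
    t->fd = -1;
    /* mkdtemp() picks a random suffix and creates the directory 0700, so no
       other local user can pre-create or symlink the path we write to. */
    if (snprintf(t->dir, sizeof t->dir, "%s/apt-changelog-XXXXXX", base) >= (int)sizeof t->dir
        || mkdtemp(t->dir) == NULL)
        return -1;
    snprintf(t->path, sizeof t->path, "%s/changelog", t->dir);
    /* O_EXCL rejects an existing entry and O_NOFOLLOW a symlink, so the write
       cannot be redirected even if the directory were somehow shared. */
    t->fd = open(t->path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (t->fd < 0) { rmdir(t->dir); return -1; }
    return 0;
}

/* Reviewer's check: regular file in a directory, both ours and closed to
   group/world.  Returns 1 if all properties hold. */
int tmp_changelog_is_private(const struct tmp_changelog *t)
{
    struct stat fst, dst;
    if (fstat(t->fd, &fst) != 0 || stat(t->dir, &dst) != 0)
        return 0;
    return S_ISREG(fst.st_mode) && S_ISDIR(dst.st_mode) &&
           (fst.st_mode & 077) == 0 && (dst.st_mode & 077) == 0 &&
           fst.st_uid == getuid() && dst.st_uid == getuid();
}
/* Close, unlink and rmdir; returns 0 only if everything was removed. */
int tmp_changelog_remove(struct tmp_changelog *t)
{
    int rc = (t->fd >= 0 && close(t->fd) != 0) ? -1 : 0;
    t->fd = -1;
    if (unlink(t->path) != 0 || rmdir(t->dir) != 0) rc = -1;
    return rc;
}
```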
This report contains Public Security information.