Comment 8 for bug 10212

Debian Bug Importer (debzilla) wrote:

Message-ID: <email address hidden>
Date: Thu, 11 Nov 2004 11:47:59 +0100
From: Martin Pitt <email address hidden>
To: <email address hidden>, <email address hidden>
Cc: <email address hidden>
Subject: Re: der_chop script has file in /tmp security holes

severity 278260 grave
tag 278260 patch
thanks

Joey Hess [2004-10-25 16:00 -0400]:
> The der_chop script that is in the source only of openssl (not in any
> debs) is vulnerable to a file in /tmp security hole, according to
> CAN-2004-0975:

This is not quite correct: the script is shipped as
/usr/lib/ssl/misc/der_chop, together with some other auxiliary
scripts. Therefore I increase the severity.

I prepared a patch for Ubuntu Warty and Hoary. The Hoary package is
the same version as in Debian Sid/Sarge, so the patch should apply
without problems. Just be sure to adapt the version number.

The patch is at

  http://patches.ubuntulinux.org/patches/openssl.CAN-2004-0975.diff

Please do not use the RedHat patch (which does things like

  `mktemp ..`

); this is flawed and a bit too much overhead. The perl module File::Temp
is portable and works fine. Please also submit this patch upstream.

Thanks,

Martin

-- 
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org

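As an added illustration, not the der_chop source and not the Ubuntu patch linked above, here is the kind of predictable /tmp file pattern that the CAN-2004-0975 class of bug is about, next to the File::Temp replacement Martin recommends. The insecure helper is constructed for contrast only; the file name and data are hypothetical.

```perl
#!/usr/bin/perl
# Added example: predictable /tmp name versus File::Temp.
# Not the der_chop source; the insecure helper is a constructed illustration.
use strict;
use warnings;
use File::Temp qw(tempfile);

# Insecure pattern (hypothetical): the name is derived from the PID, so
# another local user can guess it and pre-create it as a symlink. open '>'
# follows that symlink, so the script clobbers whatever the link points at
# with the caller's privileges.
sub write_scratch_insecure {
    my ($data) = @_;
    my $path = "/tmp/der_chop.$$";                       # guessable
    open(my $fh, '>', $path) or die "open $path: $!";    # follows symlinks
    print $fh $data;
    close $fh;
    return $path;
}

# Hardened: File::Temp chooses an unpredictable name in the system temp
# directory, opens it with O_CREAT|O_EXCL|O_RDWR (the open fails instead of
# following a pre-existing file or symlink), creates it mode 0600, and with
# UNLINK => 1 removes it when the handle goes away. Work through the handle,
# not the name, so there is no window between "create" and "use".
sub write_scratch_safe {
    my ($data) = @_;
    my ($fh, $path) = tempfile("der_chop.XXXXXXXX", TMPDIR => 1, UNLINK => 1);
    print $fh $data;
    return ($fh, $path);
}

# Round-trip through the safe handle; seek flushes the pending write.
my ($fh, $path) = write_scratch_safe("constructed DER-ish payload\n");
seek($fh, 0, 0) or die "seek: $!";
my $back = <$fh>;
printf "wrote %d bytes via %s\n", length($back), $path;
close $fh;   # UNLINK => 1 removes the file at this point
```

Auditing a script for this bug amounts to grepping for hard-coded "/tmp/" paths combined with `$$`, `time()` or a fixed name and checking whether the open is exclusive.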