[Secure-testing-team] Re: Bug#301430: Multiple exploitable race conditions in openmosixview
Francesco P. Lovergine
frankie at debian.org
Fri Apr 1 07:39:57 UTC 2005
severity 301430 serious
tags 301430 + patch
tags 301430 + upstream
tags 301430 + security
thanks
On Thu, Mar 31, 2005 at 08:46:41PM -0500, Hubert Chan wrote:
> I believe this bug is fixed by two patches that can be found at:
> http://uw-dig.uwaterloo.ca/~hy3chan/patches/openmosixview/1.5/
> (patches 20-logdirectory.diff and 50-nonodestmp.diff). I think
> that they should apply cleanly without the other patches -- probably
> at worst with some fuzz. I'm trying to confirm with the people who
> originally reported the vulnerability to check that the patches do
> indeed fix the issues that they reported, but I'm pretty sure they do.
>
> The patches found there (except for 99debian.diff) have already been
> accepted by upstream for inclusion in the next release of
> openMosixView.
>
> 20-logdirectory.diff may break other software that depends on a
> predictable location for the openMosixViewCollector logs (such as
> openMosixWebView, not included in Debian, and I think that
> openMosixWebView has been changed to check both locations). But I
> don't think there's any other way around it -- besides, upstream is
> already going to implement the change in the next release.
>
> For reference, my mail to Rexotec (the original reporters) and the
> openMosixView mailing list can be found at:
> http://sourceforge.net/mailarchive/message.php?msg_id=11330106
>
Nice news. I'll keep an eye to the proposed patches before committing.
The symlink exploit should be obviously manageable.
--
Francesco P. Lovergine
More information about the Secure-testing-team
mailing list