[Secure-testing-team] Bug#697936: condor: CVE-2012-5390: possible privilege escalation
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 11 14:34:07 UTC 2013
Package: condor
Severity: grave
Tags: security
Justification: user security hole
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
the following vulnerability was published for condor.
CVE-2012-5390[0]:
Possible privilege escalation
This is mentioned on the stable release series notes[1] as well as the
development release series[2]. Should be fixed in 7.8.6 and 7.9.1, so
wheezy and unstable might be affected.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://security-tracker.debian.org/tracker/CVE-2012-5390
[1] http://research.cs.wisc.edu/htcondor/manual/v7.8/9_3Stable_Release.html
[2] http://research.cs.wisc.edu/htcondor/manual/v7.9/9_3Development_Release.html
[3] https://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3268
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCgAGBQJQ8CLbAAoJEHidbwV/2GP+rMMP/2LDnVx6ZrxE7Tqf6rEVs/GD
uz0e6LarP8uJRhEqBoyBjiMtVukyLdRtVY3yCvY/CnpA6rl4eyGAjb69nJHesXiA
Tbj0j4txv61lak4VlDEqeP+ZtGo+bl+VSM1RKIpYcMNMS5niHDMUiaPGY6r+d3xP
f9whMv6lHk+S9n24crohL7jH3S8S6Sir+/fQutPXfBeHPw48r2zSAL8M1mTYLD1L
cJLw88lomP8WdJm/i8Ox/d8jkb9rynpFtWVa116XI/2KWyIIHLlvdCxXVKcrHCGm
dL3Wid1Cn5xeGpj9q5QbRqCPbWgJKcO5paxqH3e8uKR79gtWYXrPCMWRzKIe0O4k
BYP2b6REGBu3ZYoroqtZZcRe4qCbWzVDnjWM1uxEcxDNfnQhxSrq0MjU5ks/Jpdk
/eIAZU0PBcLdck2tHNkhwsgXts6j0XH6ggOUDUvXU1BC4bfPI8+4qphiPpcJySbl
a6A07LvMwKakq96xAgaA6LN0gFuvzqhb+ZpTNV0k/qJxX1YelN6aEpBMHnpb+WfI
eO65hpEKtvr3tEA7SKVwn+Ci4jTbXebWTVMMGr5OqIddpDYEW161CD0/6ojnxZH6
zoqZ3E2Z/7y44JFv2+bhCqbUf1MjS1E2npa/OdajQb0mf+WcBw3EIHyAnqyuNOiy
9o9zaQ6vrdGInUONlw1C
=jnzW
-----END PGP SIGNATURE-----
More information about the Secure-testing-team
mailing list