oss-sec mailing list archives
Re: CVE Request -- redis: Two insecure temporary file use flaws
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 14 Jan 2013 12:16:44 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/14/2013 09:08 AM, Jan Lieskovsky wrote:
Hello Kurt, Steve, vendors, Issue #1: ========= Michael Scherer in the following Red Hat bugzilla: [1] https://bugzilla.redhat.com/show_bug.cgi?id=894659 pointed out, Redis, a persistent key-value database of version 2.4 to be prone to temporary file use in src/redis.c: server.vm_swap_file = zstrdup("/tmp/redis-%p.vm"); [2] https://bugzilla.redhat.com/show_bug.cgi?id=894659#c0 Note: This problem was fix by the patch [3] below. Issue #2: ========= When searching for a patch, that corrected the issue [2] above, found out it was patch [3] https://github.com/antirez/redis/commit/697af434fbeb2e3ba2ba9687cd283ed1a2734fa5 , but it also introduced another insecure temporary flaw in src/redis.c: 776 + server.ds_path = zstrdup("/tmp/redis.ds"); Note: Issue #2 is also fixed in recent upstream 2.6.7 / 2.6.8 versions. If you want me to find exact patch, which corrected the second problem, let me know and i will provide the commit id. Could you allocate (two) CVE ids for these issues? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Please use CVE-2013-0178 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJQ9FmbAAoJEBYNRVNeJnmTFo4QALy3a/Bu+2xY95VXoEEcHSFM BlTqxv4fkH0Zu6dmxeGQji5rjNd1UkV3FAimhxuCDWtSoR+cKznCNUJlmntnXeN3 PTCvU0mjngAGF8VBwmmNER8J5CoI01PQAV+HFgPKAWSd4KFyecPyUa4USRZU1kdE GcmT/TSCGASOobehybcYpwzaSukZasnmvBh7bPfJx6IrfAFUEE5/4F6FtTFYCALG TvRtzGhwmr0DQwY6hdkQU9AWMhABfr4fuejxbWp8TI4mvckXO4MTzIr+b79VIdml EkZTRXz4WlsFsAkPB/hX3bNLWoHydc8Wh3BRotNJqrq+0Evbv4m2PBiBGGJmeNne URXJ9yUHumY+Mw9oTo9eoO7xHEVSQYQzzJsdUK5gHofeMs3BIwR3cwzPFO0ZOiJu Z0h0hiKEoSUMxuhlO1UDSbYHEH2HbM8JTRk49e7dILSm75tGNrkgR624jOn1e4YR 3kUv3aInuY84EO7O46nfv1vV6olQgiu3tpRfe+kJc++DbH7m1h/Ryjhq567ICRJf KEaWPHBXP/1U2Lk95PZZqXg5HFffg+Azu4kcBtiAO5GlKpOhmv4bDsdKsKe0jOdO bcOUMziPQgKXRNTx3H0L7QNsF3EwaQPSPUdhlhjB0kKD1ZsGCXBgyC9kRZqTTujA KfblZT+C8sWqjlJHnSNj =gqM1 -----END PGP SIGNATURE-----
Current thread:
- CVE Request -- redis: Two insecure temporary file use flaws Jan Lieskovsky (Jan 14)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)