oss-sec mailing list archives
Re: CVE Request -- redis: Two insecure temporary file use flaws
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 14 Jan 2013 14:39:19 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/14/2013 12:16 PM, Kurt Seifried wrote:
On 01/14/2013 09:08 AM, Jan Lieskovsky wrote:Hello Kurt, Steve, vendors,
Sorry misread the affected versions, this needs two CVEs:
Issue #1: =========Michael Scherer in the following Red Hat bugzilla: [1] https://bugzilla.redhat.com/show_bug.cgi?id=894659pointed out, Redis, a persistent key-value database of version 2.4 to be prone to temporary file use in src/redis.c:server.vm_swap_file = zstrdup("/tmp/redis-%p.vm");
Please use CVE-2013-0178 for the first issue as previously assigned.
[2] https://bugzilla.redhat.com/show_bug.cgi?id=894659#c0Note: This problem was fix by the patch [3] below.Issue #2: ========= When searching for a patch, that corrected the issue [2] above, found out it was patch[3] https://github.com/antirez/redis/commit/697af434fbeb2e3ba2ba9687cd283ed1a2734fa5
,
but it also introduced another insecure temporary flaw in src/redis.c:776 + server.ds_path = zstrdup("/tmp/redis.ds");Note: Issue #2 is also fixed in recent upstream 2.6.7 / 2.6.8 versions. If you want me to find exact patch, which corrected the second problem, let me know and i will provide the commit id.Could you allocate (two) CVE ids for these issues?Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Please use CVE-2013-0180 for this second issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJQ9HsHAAoJEBYNRVNeJnmTLusQAJaKRWdl2HrQntMdky1D2rpv KsxYbdUSYKj71yJY5cScCfPqWjGB6mCHmqjxS9mceHKCaNpwus6wJ+BfSGytdXIC xYcOG1xJwuMTHF2EI7M1jLLfaoRthobkBPmao2EdIPH4pyuPiFXFw29y2vHdA2gS her2drPWbQcwY1GqA/5r82FUbtaYpeUyS8RTyfFy0Uha5HNoH+HmPI7cpJ8lvFx4 Uf2IFoP2EcSh4aMIsHmR9NiwgeQUZB5gJcYsRWCztoDAEQZNYj2C7042iJBxlcOG 35PrmrAy16EchKKFRp5Le63L9VA9Q1PgAeW2jqUtAeVBsO6w3nTD3RLUEanmwEd6 kug2BPgNJ/ObkKSbjUbhMKC5OPg3r29OIV5FTeq5mJDWhEaKp/VCSSWTEP9np2vB MSpD2up12YRAWOcvJa6qn8MBiZcsktmcsaVcOwVGk2mxvEtIRs0qKq9l2T6o0774 eKIP5q0Z4frlY6cFGGIMAp9FPXjbKUkFmxzH00rkLdJnedMt0EykwOjcNZrLRevS dRoHXRukCo+swXpfyfrFAu2Okf1rf6so30OJ8405p9Djf2rC/iakvXagRcy4xwZ7 a4PFcfJGBQEWHKgRHiU9JLM2l0CRmuHnoyj9pPP8FqzRCr5jqlh4I8Vw/DNl5IUq j8x8XuWLTF4aEApunXaM =/WSg -----END PGP SIGNATURE-----
Current thread:
- CVE Request -- redis: Two insecure temporary file use flaws Jan Lieskovsky (Jan 14)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)
- Re: CVE Request -- redis: Two insecure temporary file use flaws Kurt Seifried (Jan 14)