In reading through my technorati filter for Inkscape, I found this insecurity announcement. Should this be filed?
34. Inkscape Insecure Temporary File Creation Vulnerability BugTraq ID: 14522 Remote: No Date Published: 2005-08-09 Relevant URL: http://www.securityfocus.com/bid/14522 Summary: Inkscape creates temporary files in the '/tmp' directory in an insecure manner. An attacker with local access may overwrite or create files using symbolic link attacks.
This type of attack can result in denial of service or loss of data within the context of the affected application. Other attacks may be possible.
Search for Inkscape:
http://aquades.blogspot.com/2005/08/securityfocus-newsletter-311.html
Jon
On 8/16/05, Jon Phillips <jon@...235...> wrote:
In reading through my technorati filter for Inkscape, I found this insecurity announcement. Should this be filed?
It says it's fixed in 0.42.
On Tue, 2005-08-16 at 22:22 -0300, bulia byak wrote:
On 8/16/05, Jon Phillips <jon@...235...> wrote:
In reading through my technorati filter for Inkscape, I found this insecurity announcement. Should this be filed?
It says it's fixed in 0.42.
Thats a good case of read more thoroughly b4 posting ;)
Jon
Hi all,
On Tue, Aug 16, 2005 at 10:22:17PM -0300, bulia byak wrote:
On 8/16/05, Jon Phillips <jon@...235...> wrote:
In reading through my technorati filter for Inkscape, I found this insecurity announcement. Should this be filed?
It says it's fixed in 0.42.
Yes, I just checked that none of this stuff is left in the extensions directory. All occurrences of this type of insecure tempfile handling were fixed by pjrm at least 4 months ago. The bug is present in 0.39, 0.40 and 0.41. Since 0.41 is the version in debian sarge I sent fixed package to debian's security team.
With best regards,
Wolfi
-- bulia byak Inkscape. Draw Freely. http://www.inkscape.org
SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Inkscape-devel mailing list Inkscape-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/inkscape-devel
On Thu, Aug 18, 2005 at 03:45:26PM +0200, Wolfram Quester wrote:
Hi all,
On Tue, Aug 16, 2005 at 10:22:17PM -0300, bulia byak wrote:
On 8/16/05, Jon Phillips <jon@...235...> wrote:
In reading through my technorati filter for Inkscape, I found this insecurity announcement. Should this be filed?
It says it's fixed in 0.42.
Yes, I just checked that none of this stuff is left in the extensions directory. All occurrences of this type of insecure tempfile handling were fixed by pjrm at least 4 months ago. The bug is present in 0.39, 0.40 and 0.41. Since 0.41 is the version in debian sarge I sent fixed package to debian's security team.
What exactly was the fix?
Bryce
On Sun, Aug 21, 2005 at 12:22:00AM -0700, Bryce Harrington wrote:
On Thu, Aug 18, 2005 at 03:45:26PM +0200, Wolfram Quester wrote:
Hi all,
On Tue, Aug 16, 2005 at 10:22:17PM -0300, bulia byak wrote:
On 8/16/05, Jon Phillips <jon@...235...> wrote:
In reading through my technorati filter for Inkscape, I found this insecurity announcement. Should this be filed?
It says it's fixed in 0.42.
Yes, I just checked that none of this stuff is left in the extensions directory. All occurrences of this type of insecure tempfile handling were fixed by pjrm at least 4 months ago. The bug is present in 0.39, 0.40 and 0.41. Since 0.41 is the version in debian sarge I sent fixed package to debian's security team.
What exactly was the fix?
I attach the patch Javier submitted to debian's BTS. The trick is to use mktemp to create the temporary file, not saying TEMPFILE=/tmp/tempfile.txt. The fixes in our cvs are http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/share/extensions/dia... http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/share/extensions/ps2... http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/share/extensions/ps2...
There are other Makefile cleanups, but I think they are not security relevant. I might have missed something though.
With best wishes,
Wolfi
Bryce
SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Inkscape-devel mailing list Inkscape-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/inkscape-devel
participants (4)
-
Bryce Harrington -
bulia byak -
Jon Phillips -
Wolfram Quester