Status
People
(Reporter: josh, Assigned: dveditz)
Tracking
({fixed-aviary1.0.8, fixed1.7.13, fixed1.8})
Bug Flags:
Firefox Tracking Flags
(Not tracked)
Details
(Whiteboard: [sg:low local], URL)
Attachments
(1 attachment)
|
1.51 KB,
patch
|
dveditz
:
review+
dbaron
:
superreview-
asa
:
approval1.8b5+
|
Details | Diff | Splinter Review |
An Ubuntu security advisory fixed a temporary file vulnerability in the run-mozilla.sh script when run in debug mode. The run-mozilla.sh script passes gdb arguments from a temporary file which is named in a manner that makes it fairly easy to guess. The temporary file should be created using the mktemp program to ensure proper file permissions and a unique filename.
|
(Reporter) | |
Comment 1•14 years ago
|
||
Created attachment 192382 [details] [diff] [review] Suggested fix for this issue
|
||
Updated•14 years ago
|
||
Whiteboard: [sg:investigate]
|
||
Comment 2•13 years ago
|
||
Different patch was originally submitted by the author of the original bug : http://bugs.debian.org/cgi-bin/bugreport.cgi/mozilla-thunderbird-1.0.diff?bug=306893;msg=5;att=1
|
(Assignee) | |
Comment 3•13 years ago
|
||
Nominating for a closer look based on Frederic's mail.
Flags: blocking1.8b5?
Flags: blocking1.7.13?
Flags: blocking1.7.12?
Flags: blocking-aviary1.0.8?
Flags: blocking-aviary1.0.7?
|
||
Updated•13 years ago
|
||
Flags: blocking1.8b5? → blocking1.8b5+
|
|
(Assignee) | |
Updated•13 years ago
|
||
Assignee: nobody → dveditz
|
||
Updated•13 years ago
|
||
Attachment #192382 -
Flags: review?(dveditz)
|
||
Updated•13 years ago
|
||
Whiteboard: [sg:investigate] → [sg:investigate][needs review dveditz]
|
|
||
Comment 4•13 years ago
|
||
Is the patch effective? Running out of time for 1.5b2 . ..
|
|
(Assignee) | |
Updated•13 years ago
|
||
Attachment #192382 -
Flags: superreview?(dbaron)
Attachment #192382 -
Flags: review?(dveditz)
Attachment #192382 -
Flags: review+
Attachment #192382 -
Flags: approval1.8b5?
|
|
||
Comment 5•13 years ago
|
||
DBaron - need SR here.
|
||
Comment 6•13 years ago
|
||
Comment on attachment 192382 [details] [diff] [review] Suggested fix for this issue This patch doesn't actually work because of the spaces around the equals sign in this line: >+ mozargs_temp = `mktemp /tmp/mozargs.XXXXXX` If you fix that, then it works, so sr=dbaron, conditional on removing those two spaces.
Attachment #192382 -
Flags: superreview?(dbaron) → superreview-
|
|
||
Comment 7•13 years ago
|
||
That said, I think the patch in comment 2 is preferable (except with the whitespace cleaned up), both because it uses mktemp -t and because it removes the temporary file under more conditions.
|
|
||
Comment 8•13 years ago
|
||
Comment on attachment 192382 [details] [diff] [review] Suggested fix for this issue please re-request approval when you've got a fully reviewed patch.
Attachment #192382 -
Flags: approval1.8b5?
|
|
||
Comment 9•13 years ago
|
||
Dbaron, can you get that earlier patch in? This bug is stalled and we seem to want it for beta2.
|
|
(Assignee) | |
Comment 10•13 years ago
|
||
(In reply to comment #9) > Dbaron, can you get that earlier patch in? This bug is stalled and we seem to > want it for beta2. I was actually about to check this in
|
|
(Assignee) | |
Comment 11•13 years ago
|
||
fix checked into trunk
Flags: blocking1.7.13?
Flags: blocking1.7.13+
Flags: blocking1.7.12?
Flags: blocking-aviary1.0.8?
Flags: blocking-aviary1.0.8+
Flags: blocking-aviary1.0.7?
Whiteboard: [sg:investigate][needs review dveditz] → [sg:low local]
|
|
||
Updated•13 years ago
|
||
Attachment #192382 -
Flags: approval1.8b5?
|
||
Comment 12•13 years ago
|
||
Note: RH7.3 doesn't have mktemp -t
|
|
||
Updated•13 years ago
|
||
Attachment #192382 -
Flags: approval1.8b5? → approval1.8b5+
|
|
(Assignee) | |
Comment 13•13 years ago
|
||
dropped -t and went back to mktemp /tmp/mozargs.XXXXXX fix checked into the 1.8 branch
Status: NEW → RESOLVED
Last Resolved: 13 years ago
Keywords: fixed1.8
Resolution: --- → FIXED
|
|
||
Comment 14•13 years ago
|
||
Any hope to get it landed on on 1.0.x aviary branch too ?
|
|
(Assignee) | |
Updated•13 years ago
|
||
Keywords: fixed-aviary1.0.8, fixed1.7.13
|
|
(Reporter) | |
Updated•13 years ago
|
||
Summary: CAN-2005-2353 run-mozilla.sh temporary file issue → CVE-2005-2353 run-mozilla.sh temporary file issue
Component: Cmd-line Features → Cmd-line Features
Product: Core → Core Graveyard
|
||
Updated•9 years ago
|
||
QA Contact: cmd-line
You need to log in
before you can comment on or make changes to this bug.
Description
•