Bug 627498 (CVE-2010-2953)
Summary: | CVE-2010-2953 couchdb: start-up script sets insecure LD_LIBRARY_PATH | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | lemenkov |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-12-22 15:51:12 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Tomas Hoger
2010-08-26 08:13:00 UTC
Thanks! I will provide fix very soon. (In reply to comment #0) > attacker-controlled/writeable directory (such as /tmp). I don't know what > typical couchdb use case is, it may be rather unlikely to have couchdb run from > arbitrary directories. Unfortunately running CouchDB from arbitrary directory is one of possible (and rather popular) user-cases. So yes, this needs to be fixed urgently. > I wonder why we need to change LD_LIBRARY_PATH at all. Only /usr/lib or > /usr/lib64 is added there, so setting it should be redundant as those > directories are in linker search path by default. If setting it is really > required, something like this should work instead: > LD_LIBRARY_PATH=%{_libdir}${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH} It seems that this line isn't necessary at all, so I will simply remove it. Fixed in F13 and EPEL-5. |