Common Vulnerabilities and Exposures assigned an identifier CVE-2009-1753 to the following vulnerability:

Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1753
http://www.openwall.com/lists/oss-security/2009/05/06/2
http://packages.qa.debian.org/c/coccinelle/news/20090502T001704Z.html
http://packages.debian.org/changelogs/pool/main/c/coccinelle/coccinelle_0.1.7.deb-3/changelog
http://www.securityfocus.com/bid/34848
http://secunia.com/advisories/35012
Created attachment 345076
Patch extracted from Debian counterpart (coccinelle_0.1.7.deb-3.diff.gz)

URL the coccinelle_0.1.7.deb-3.diff.gz was retrieved from: http://mirror.aarnet.edu.au/debian/pool/main/c/coccinelle/
I'll push out an updated build now.
BTW, I think that patch is totally bogus. I'll have a chat with upstream & Debian devs about this.
Yeah, from a quick look at the patch, looks like it only "comments out" the relevant part. Need to admit, don't understand the *.ml syntax :(.
I've chatted with a Debian developer, and we agree that the patch is 'correct', in that it fixes the vulnerability, by just chopping out that bit of functionality. So I'm going to go with the patch, and let upstream come up with a real fix that includes the functionality (saving intermediate files in /tmp in a safe way).
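Added example, not part of the bug thread and not Coccinelle's own code (which is OCaml): a Python sketch of the bug class the CVE describes and of what "saving intermediate files in /tmp in a safe way" means in practice. The file names, the sandbox directory and all function names are assumptions made for the illustration.

```python
import os
import stat
import tempfile

def naive_write(path, data):
    # Vulnerable pattern: open() follows a symlink planted at a predictable path.
    with open(path, "w") as f:
        f.write(data)

def exclusive_write(path, data):
    # O_CREAT|O_EXCL fails if anything, including a symlink, already exists at path.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    with os.fdopen(os.open(path, flags, 0o600), "w") as f:
        f.write(data)

def unpredictable_write(directory, data):
    # mkstemp picks a random name and creates the file with O_EXCL and mode 0600.
    fd, path = tempfile.mkstemp(prefix="result-", dir=directory)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path

def read(path):
    with open(path) as f:
        return f.read()

def demo():
    # Constructed sandbox standing in for a shared /tmp; all names are hypothetical.
    out = {}
    with tempfile.TemporaryDirectory() as tmp:
        victim = os.path.join(tmp, "victim.txt")
        result = os.path.join(tmp, "result_file")
        naive_write(victim, "original")
        os.symlink(victim, result)  # link already in place before the tool runs

        naive_write(result, "tool output")
        out["naive_clobbers_victim"] = read(victim) == "tool output"

        naive_write(victim, "original")  # reset; the symlink is still in place
        try:
            exclusive_write(result, "tool output")
            out["exclusive_refuses"] = False
        except FileExistsError:
            out["exclusive_refuses"] = True

        path = unpredictable_write(tmp, "tool output")
        out["mkstemp_regular_file"] = stat.S_ISREG(os.lstat(path).st_mode)
        out["mkstemp_mode"] = stat.S_IMODE(os.lstat(path).st_mode)
        out["victim_intact"] = read(victim) == "original"
    return out

if __name__ == "__main__":
    print(demo())
```

The sandbox is a private directory, so the Linux fs.protected_symlinks restriction on sticky world-writable directories does not interfere with the demonstration.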
coccinelle-0.1.8-1.fc11.3 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/coccinelle-0.1.8-1.fc11.3
I've requested that this gets pushed straight into the F11 builds. https://fedorahosted.org/rel-eng/ticket/1867
coccinelle-0.1.8-1.fc10.3 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.