Bugzilla – Bug 885003
VUL-0: CVE-2012-0786: augeas: transform_save can overwrite files via .augnew symlink
Last modified: 2014-09-01 10:00:01 UTC
public, via cve db http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0786

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.

https://github.com/hercules-team/augeas/commit/16387744

fixes:
https://github.com/hercules-team/augeas/commit/16387744
https://github.com/hercules-team/augeas/commit/1a66739c
https://github.com/hercules-team/augeas/commit/051c73a9

please see bug 853044 for a follow-up fix too.
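Added example, not code from Augeas or from the commits referenced above: the generic hardening for this bug class in C, an open() of the .augnew path with O_CREAT|O_EXCL|O_NOFOLLOW so that a symlink already sitting at that path makes the save fail instead of writing through the link. The scenario helper, file names and the /tmp directory are constructed for this example; whether the referenced commits use exactly these flags is not stated on this page.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Vulnerable shape: fopen(path, "w") / open(path, O_WRONLY|O_CREAT|O_TRUNC)
 * follows a symlink already planted at path and truncates its target.
 * Hardened shape: O_EXCL fails if anything (a symlink included) exists at
 * path; O_NOFOLLOW refuses a symlink as the final component. Returns an fd,
 * or -1 with errno set (EEXIST or ELOOP when a link was planted). */
int open_augnew_safely(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario: before the save runs, <dir>/out.augnew is a symlink
 * to <dir>/victim. Returns 1 if the hardened open refuses and victim still
 * holds its 7 bytes, 0 otherwise. dir must be writable (e.g. /tmp). */
int augnew_symlink_is_refused(const char *dir) {
    char victim[PATH_MAX], augnew[PATH_MAX];
    struct stat st;
    int fd, ok = 0;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(augnew, sizeof augnew, "%s/out.augnew", dir);
    unlink(victim); unlink(augnew);
    fd = open(victim, O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (fd < 0) return 0;
    if (write(fd, "secret\n", 7) != 7) { close(fd); return 0; }
    close(fd);
    if (symlink(victim, augnew) != 0) return 0;
    fd = open_augnew_safely(augnew);
    if (fd >= 0) close(fd);           /* would have written through the link */
    else if (errno == EEXIST || errno == ELOOP)
        ok = (stat(victim, &st) == 0 && st.st_size == 7);
    unlink(augnew); unlink(victim);
    return ok;
}

/* Control case: where nothing exists yet, the hardened open must succeed. */
int fresh_augnew_is_created(const char *dir) {
    char augnew[PATH_MAX];
    snprintf(augnew, sizeof augnew, "%s/fresh.augnew", dir);
    unlink(augnew);
    int fd = open_augnew_safely(augnew);
    if (fd < 0) return 0;
    close(fd); unlink(augnew);
    return 1;
}
```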
bugbot adjusting priority
Submitted in sr#40245 to SLE11SP3. The test patches didn't apply and it would be a PITA to backport them, so I made it continue with a failed testsuite and explained which tests are expected to fail for further reference.
Affected packages: SLE-11-SP3: augeas
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2014-07-16. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/58170
Seems the upstream patches broke storage completely, as reported by jmatejka. Going to investigate deeper.
Updated package submitted again. This time even a bit fancier, and I fixed all the tests just to be sure :)
SUSE-SU-2014:1017-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 853044,871323,876044,885003
CVE References: CVE-2012-0786,CVE-2013-6412
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src): augeas-0.9.0-3.15.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src): augeas-0.9.0-3.15.1
SUSE Linux Enterprise Server 11 SP3 (src): augeas-0.9.0-3.15.1
SUSE Linux Enterprise Desktop 11 SP3 (src): augeas-0.9.0-3.15.1
was released