registry team mailing list archive
-
registry team
-
Mailing list archive
-
Message #28207
[Bug 677226] [NEW] CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: systemtap
Two security problems have been found in the setuid-root
/usr/bin/staprun program [1]. The issue have been fixed upstream [2].
See CVE-2010-4170 and CVE-2010-4171.
[1] http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html
[2] http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commit;h=b7565b41228bea196cefa3a7d43ab67f8f9152e2
** Affects: systemtap (Ubuntu)
Importance: High
Assignee: Lorenzo De Liso (blackz)
Status: In Progress
** Affects: systemtap (Ubuntu Maverick)
Importance: High
Assignee: Lorenzo De Liso (blackz)
Status: In Progress
** Affects: systemtap (Debian)
Importance: Unknown
Status: Unknown
** Visibility changed to: Public
** Changed in: systemtap (Ubuntu)
Importance: Undecided => High
** Bug watch added: Debian Bug tracker #603946
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603946
** Also affects: systemtap (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603946
Importance: Unknown
Status: Unknown
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4170
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4171
** Also affects: systemtap (Ubuntu Maverick)
Importance: Undecided
Status: New
** Changed in: systemtap (Ubuntu Maverick)
Importance: Undecided => High
** Changed in: systemtap (Ubuntu)
Status: New => In Progress
** Changed in: systemtap (Ubuntu)
Assignee: (unassigned) => Lorenzo De Liso (blackz)
** Changed in: systemtap (Ubuntu Maverick)
Status: New => In Progress
** Changed in: systemtap (Ubuntu Maverick)
Assignee: (unassigned) => Lorenzo De Liso (blackz)
--
CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
https://bugs.launchpad.net/bugs/677226
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.
Follow ups
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Launchpad Bug Tracker, 2010-11-23
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Launchpad Bug Tracker, 2010-11-23
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-23
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Bug Watch Updater, 2010-11-20
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-20
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-20
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-20
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Steve Beattie, 2010-11-20
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Bug Watch Updater, 2010-11-19
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-19
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-19
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-19
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Steve Beattie, 2010-11-19
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-19
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-19
-
[Bug 677226] Re: CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Bug Watch Updater, 2010-11-18
-
[Bug 677226] [NEW] CVE-2010-4170 and CVE-2010-4171: staprun module loading/unloading security fixes
From: Lorenzo De Liso, 2010-11-18
References