gentoo-full-overlay/metadata/glsa/glsa-201511-01.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="201511-01">
  <title>MirBSD Korn Shell: Arbitrary code execution</title>
  <synopsis>An attacker who already had access to the environment could so
    append values to parameters passed through programs.
  </synopsis>
  <product type="ebuild"/>
  <announced>2015-11-02</announced>
  <revised>2015-11-02: 2</revised>
  <bug>524414</bug>
  <access>local</access>
  <affected>
    <package name="app-shells/mksh" auto="yes" arch="*">
      <unaffected range="ge">50c</unaffected>
      <vulnerable range="lt">50c</vulnerable>
    </package>
  </affected>
  <background>
    <p>MirBSD Korn Shell is an actively developed free implementation of the
      Korn Shell programming language and a successor to the Public Domain Korn
      Shell.
    </p>
  </background>
  <description>
    <p>Improper sanitation of environment import allows for appending of values
      to passed parameters. 
    </p>
  </description>
  <impact type="normal">
    <p>An attacker who already had access to the environment could so append
      values to parameters passed through programs (including sudo(8) or
      setuid) to shell scripts, including indirectly, after those programs
      intended to sanitise the environment, e.g. invalidating the last $PATH
      component.
    </p>
  </impact>
  <workaround>
    <p>There is no known workaround at this time.</p>
  </workaround>
  <resolution>
    <p>All mksh users should upgrade to the latest version:</p>
    
    <code>
      # emerge --sync
      # emerge --ask --oneshot --verbose "&gt;=app-shells/mksh-50c"
    </code>
    
  </resolution>
  <references>
    <uri link="https://www.mirbsd.org/permalinks/wlog-10_e20141003-tg.htm#e20141003-tg_wlog-10">
      mksh R50c released, security fix
    </uri>
  </references>
  <metadata tag="requester" timestamp="2014-12-12T08:13:43Z">K_F</metadata>
  <metadata tag="submitter" timestamp="2015-11-02T15:33:07Z">mrueg</metadata>
</glsa>
Sync with portage [Tue Nov 3 13:06:17 MSK 2015]. 9 years ago			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">`
			`<glsa id="201511-01">`
			`<title>MirBSD Korn Shell: Arbitrary code execution</title>`
			`<synopsis>An attacker who already had access to the environment could so`
			`append values to parameters passed through programs.`
			`</synopsis>`
Sync with portage [Fri Sep 29 08:47:49 MSK 2017]. 7 years ago			`<product type="ebuild"/>`
			`<announced>2015-11-02</announced>`
			`<revised>2015-11-02: 2</revised>`
Sync with portage [Tue Nov 3 13:06:17 MSK 2015]. 9 years ago			`<bug>524414</bug>`
			`<access>local</access>`
			`<affected>`
			`<package name="app-shells/mksh" auto="yes" arch="*">`
			`<unaffected range="ge">50c</unaffected>`
			`<vulnerable range="lt">50c</vulnerable>`
			`</package>`
			`</affected>`
			`<background>`
			`<p>MirBSD Korn Shell is an actively developed free implementation of the`
			`Korn Shell programming language and a successor to the Public Domain Korn`
			`Shell.`
			`</p>`
			`</background>`
			`<description>`
			`<p>Improper sanitation of environment import allows for appending of values`
			`to passed parameters.`
			`</p>`
			`</description>`
			`<impact type="normal">`
			`<p>An attacker who already had access to the environment could so append`
			`values to parameters passed through programs (including sudo(8) or`
			`setuid) to shell scripts, including indirectly, after those programs`
			`intended to sanitise the environment, e.g. invalidating the last $PATH`
			`component.`
			`</p>`
			`</impact>`
			`<workaround>`
			`<p>There is no known workaround at this time.</p>`
			`</workaround>`
			`<resolution>`
			`<p>All mksh users should upgrade to the latest version:</p>`

			`<code>`
			`# emerge --sync`
			`# emerge --ask --oneshot --verbose ">=app-shells/mksh-50c"`
			`</code>`

			`</resolution>`
			`<references>`
			`<uri link="https://www.mirbsd.org/permalinks/wlog-10_e20141003-tg.htm#e20141003-tg_wlog-10">`
			`mksh R50c released, security fix`
			`</uri>`
			`</references>`
Sync with portage [Fri Sep 29 08:47:49 MSK 2017]. 7 years ago			`<metadata tag="requester" timestamp="2014-12-12T08:13:43Z">K_F</metadata>`
			`<metadata tag="submitter" timestamp="2015-11-02T15:33:07Z">mrueg</metadata>`
Sync with portage [Tue Nov 3 13:06:17 MSK 2015]. 9 years ago			`</glsa>`