Bug 58829 (suse43829)

Summary: VUL-0: mysqlhotcopy tempfile problem
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Sebastian Krahmer <krahmer>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: krahmer, lnussel, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: the patchinfo for box.
patchinfo for maintained

Description Ludwig Nussel 2004-08-16 16:09:56 UTC 
mysqlhotcopy creates temporary files in an insecure way. A patch is available 
at http://lists.mysql.com/internals/15185. We received the following mail via 
vendor-sec: 
 
Date: Sat, 14 Aug 2004 17:31:05 +0200 
From: Martin Schulze <joey@infodrom.org>                                                                        
To: vendor-sec@lst.de 
Subject: [vendor-sec] CAN-2004-0457: Temporary file vulnerability in 
mysqlhotcopy                               
User-Agent: Mutt/1.5.6+20040803i 
X-Spam-Level: 
 
Moin! 
 
Jeroen van Wolffelaar <jeroen@wolffelaar.nl> discovered an insecure 
temporary file vulnerability in the mysqlhotcopy script when using the 
scp method. 
 
Sergei Golubchik <serg@mysql.com> has fixed this upstream with this 
patch: http://lists.mysql.com/internals/15185 
 
We will be issuing an advisory soon.  I guess you'd like to do the 
same. 
 
This is CAN-2004-0457. 
 
Regards, 
 
        Joey
Comment 1 Sebastian Krahmer 2004-08-16 19:53:16 UTC 
*** Bug 58831 has been marked as a duplicate of this bug. ***
Comment 2 Tomas Crhak 2004-08-18 17:06:36 UTC 
Fix needed for sles9, 9.0, 8.2, ul1/sles8, 8.0.

Could anyone translate the following for the patchinfo?

<snip>
This update fixes a temporary file vulnerability discovered
in the mysqlhotcopy script when using the scp method.
</snip>

Thanks!
Comment 3 Ludwig Nussel 2004-08-18 17:17:39 UTC 
Don't bother, we will just write the patchinfo files for you. 8.0 is no longer 
supported, no need to fix it. I suppose 9.1 is affected as well since sles9 
is?
Comment 4 Sebastian Krahmer 2004-08-18 17:28:30 UTC 
I just did. Will append it now.
Comment 5 Sebastian Krahmer 2004-08-18 17:29:41 UTC 
The patchinfops are in place, according to comment #2, I removed
SL 9.1. If it is affected it needs to be added in the distro-list.
Comment 6 Sebastian Krahmer 2004-08-18 17:31:33 UTC 
Created attachment 22779 [details]
the patchinfo for box.

...
Comment 7 Sebastian Krahmer 2004-08-18 17:31:55 UTC 
Created attachment 22780 [details]
patchinfo for maintained

...
Comment 8 Tomas Crhak 2004-08-18 18:16:43 UTC 
9.1 is affected as well (it shares sources with sles9),
submitted all except for 8.0
Comment 9 Marcus Meissner 2004-08-18 20:27:31 UTC 
<!-- SBZ_reopen -->Reopened by meissner@suse.de at Wed Aug 18 14:27:31 2004, took initial reporter lnussel@suse.de to cc
Comment 10 Marcus Meissner 2004-08-18 20:27:31 UTC 
reopen for tracking
Comment 11 Marcus Meissner 2004-09-06 20:59:31 UTC 
updates released.