Bug 1007000 - (CVE-2016-1247) VUL-0: CVE-2016-1247: nginx,nginx-1.0: local privilege escalation via log files
VUL-0: CVE-2016-1247: nginx,nginx-1.0: local privilege escalation via log files
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other openSUSE 42.1
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2016-10-26 11:08 UTC by Andreas Stieger
Modified: 2020-04-23 12:10 UTC (History)
7 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Stieger 2016-10-26 11:08:41 UTC
From https://www.debian.org/security/2016/dsa-3701

> Dawid Golunski reported the nginx web server packages in Debian suffered from a > privilege escalation vulnerability (www-data to root) due to the way log files > are handled. This security update changes ownership of the /var/log/nginx
> directory root. In addition, /var/log/nginx has to be made accessible to local > users, and local users may be able to read the log files themselves local until > the next logrotate invocation.

In openSUSE, /var/log/nginx is nginx:nginx 760.
We should check in which way this affects out package.

Comment 1 Marcus Meissner 2016-10-26 19:51:48 UTC
nginx-1.0 still active maintained for studio/webyast

probably similar to the old logrotate bug 677335

(we lack the "su nginx nginx" and "create nginx nginx" there probably, but it needs review)
Comment 2 Swamp Workflow Management 2016-10-26 22:00:19 UTC
bugbot adjusting priority
Comment 4 Alexandros Toptsoglou 2020-04-23 12:10:36 UTC
We are not affected by it in all our current codestreams. Closing