Bug 148911

Summary:

maintainer update: mark security/isolate forbidden due to security issue

Product:

Ports & Packages

Reporter:

Steve Wills <steve>

Component:

Individual Port(s)

Assignee:

Baptiste Daroussin <bapt>

Status:

Closed FIXED

Severity:

Affects Only Me

Priority:

Normal

Version:

Latest

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
file.diff	none

Description Steve Wills 2010-07-24 20:50:08 UTC

The security/isolate port currently suffers from local root privileges escalation problems. It should not be used. The attached patch marks it forbidden. Also marks it broken on pre 8.x due to lack of unlinkat (and openat) syscalls, in preparation for when the security issue is fixed.

Fix: Patch attached with submission follows:

Comment 1 Baptiste Daroussin freebsd_committer

2010-07-29 15:45:40 UTC

Responsible Changed
From-To: freebsd-ports-bugs->bapt

I'll take it.

Comment 2 Steve Wills 2010-08-12 23:47:42 UTC

Any progress on getting this committed? The port really should be deleted.

Thanks,
Steve

Comment 3 dfilter service freebsd_committer

2010-08-17 13:50:47 UTC

bapt        2010-08-17 12:50:38 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  - Add security/isolate entry
  
  PR:             ports/148911
  Submitted by:   Steve Wills <steve _at_ mouf.net> (maintainer)
  Approved by:    tabthorpe (mentor)
  
  Revision  Changes    Path
  1.2202    +30 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"

Comment 4 dfilter service freebsd_committer

2010-08-17 14:04:39 UTC

bapt        2010-08-17 13:04:26 UTC

  FreeBSD ports repository

  Modified files:
    .                    MOVED 
    security             Makefile 
  Removed files:
    security/isolate     Makefile distinfo pkg-descr 
  Log:
  Security vulnerability: local root privileges escalation problems
  
  PR:             ports/148911
  Submitted by:   Steve Wills <steve _at_ mouf.net> (maintainer)
  Approved by:    tabthorpe (mentor)
  
  Revision  Changes    Path
  1.2201    +2 -1      ports/MOVED
  1.1120    +0 -1      ports/security/Makefile
  1.3       +0 -31     ports/security/isolate/Makefile (dead)
  1.3       +0 -3      ports/security/isolate/distinfo (dead)
  1.2       +0 -4      ports/security/isolate/pkg-descr (dead)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"

Comment 5 Baptiste Daroussin freebsd_committer

2010-08-17 14:05:09 UTC

State Changed
From-To: open->closed

Port removed. Thanks! sorry for having been so long