Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <1436871238.28364.89.camel@juliet.mcarpenter.org>
Date: Tue, 14 Jul 2015 12:53:58 +0200
From: Martin Carpenter <mcarpenter@...e.fr>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE request: ansible zone/chroot/jail escape

Hi,

I recently found a symlink attack that enables a malicious
zone/chroot/jail managed by ansible to escape into the managing host.
This was fixed in ansible 1.9.2 (commit list below, see
https://github.com/ansible/ansible).

I am not an ansible committer but Toshio requested I follow up. I
understand that a request was made by Toshio to CVE-assign on 1st July
but no response was received. The commits are already public and it has
been announced on ansible's security page:
http://www.ansible.com/security.

Could a CVE please be assigned to this issue?


Thanks,

Martin.


commit 548a7288a90c49e9b50ccf197da307eae525b899
Author: Toshio Kuratomi <toshio@...oraproject.org>
Date:   Wed Jun 24 01:00:22 2015 -0700

    Use BUFSIZE when putting file as well as fetching file.

commit 270be6a6f5852c5563976f060c80eff64decc89c
Author: Toshio Kuratomi <toshio@...oraproject.org>
Date:   Tue Jun 23 22:27:45 2015 -0700

    Fix exec_command to not use a shell

commit 952166f48eb0f5797b75b160fd156bbe1e8fc647
Author: Toshio Kuratomi <toshio@...oraproject.org>
Date:   Mon Jun 22 20:07:29 2015 -0700

    Fix problem with chroot connection plugins and symlinks from within
the chroot.

commit 0777d025051bf5cf3092aa79a9e6b67cec7064dd
Author: Toshio Kuratomi <toshio@...oraproject.org>
Date:   Fri Jun 19 11:09:48 2015 -0700

    Fix problem with jail and zone connection plugins and symlinks from
within the jail/zone.

commit ca2f2c4ebd7b5e097eab0a710f79c1f63badf95b
Author: Toshio Kuratomi <toshio@...oraproject.org>
Date:   Fri Jun 19 09:41:48 2015 -0700

    Fix problem with jail and zone connection plugins and symlinks from
within the jail/zone.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.