[Bug 722228] Re: Information disclosure in org.debian.apt.UpdateCachePartially

Alex Murray 722228 at bugs.launchpad.net
Sun Nov 29 23:29:12 UTC 2020


** Information type changed from Private Security to Public Security

** Changed in: aptdaemon (Ubuntu)
     Assignee: jeffrey Ortiz (jerfdog361) => Michael Vogt (mvo)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to aptdaemon in Ubuntu.
https://bugs.launchpad.net/bugs/722228

Title:
  Information disclosure in org.debian.apt.UpdateCachePartially

Status in aptdaemon package in Ubuntu:
  Fix Released
Status in aptdaemon source package in Maverick:
  Fix Released
Status in aptdaemon source package in Natty:
  Fix Released

Bug description:
  Binary package hint: aptdaemon

  Starting from Ubuntu 10.10, the aptdaemon shipped with Ubuntu allows
  normal users to update the APT cache without a password prompt (because
  they are granted PolicyKit's org.debian.apt.update-cache action by
  default). The UpdateCachePartially method doesn't check the
  "sources_list" argument properly, and it's possible to use it to view
  any file on the system. See the proof-of-concept Python script for
  details.

  How to test: log in as a normal Ubuntu user and run "python apt-hole
  /etc/shadow" (for example) to see the /etc/shadow content.

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: python-aptdaemon 0.40+bzr541-0ubuntu2
  ProcVersionSignature: Ubuntu 2.6.38-4.31-generic 2.6.38-rc5
  Uname: Linux 2.6.38-4-generic x86_64
  Architecture: amd64
  Date: Sun Feb 20 20:00:09 2011
  InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Beta amd64 (20100406.1)
  PackageArchitecture: all
  ProcEnviron:
   LANGUAGE=ru:en
   PATH=(custom, user)
   LANG=ru_RU.UTF-8
   LC_MESSAGES=ru_RU.UTF-8
   SHELL=/bin/bash
  SourcePackage: aptdaemon

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/722228/+subscriptions
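
An added example, not part of the original report and not aptdaemon's own code or its released fix: one way a privileged service can validate a caller-supplied "sources_list" value before reading the file it names. It assumes partial updates should only accept bare .list file names inside /etc/apt/sources.list.d; resolve_sources_list, InvalidSourcesList and demo are hypothetical names, and the directory built in demo is constructed sample data.

```python
import os
import tempfile

# Assumption: partial updates may only use files directly inside this directory.
SOURCES_DIR = "/etc/apt/sources.list.d"


class InvalidSourcesList(ValueError):
    """Raised when a caller-supplied sources_list value is rejected."""


def resolve_sources_list(name, sources_dir=SOURCES_DIR):
    """Map an untrusted sources_list value to a regular file in sources_dir."""
    if not isinstance(name, str) or not name or "\0" in name:
        raise InvalidSourcesList("empty or malformed name")
    # Bare file names only: no directories, no absolute paths, no "..".
    if name != os.path.basename(name) or name in (".", ".."):
        raise InvalidSourcesList("path components are not allowed")
    if not name.endswith(".list"):
        raise InvalidSourcesList("not a .list file")
    base = os.path.realpath(sources_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    # realpath follows symlinks, so a link that points out of the directory
    # resolves to its target and fails this containment check.
    if os.path.dirname(candidate) != base:
        raise InvalidSourcesList("resolves outside the sources directory")
    if not os.path.isfile(candidate):
        raise InvalidSourcesList("no such regular file")
    return candidate


def demo():
    """Run the check on a constructed directory; return the accepted values."""
    accepted = []
    with tempfile.TemporaryDirectory() as root:
        d = os.path.join(root, "sources.list.d")
        os.mkdir(d)
        secret = os.path.join(root, "secret")
        for path in (os.path.join(d, "partner.list"), secret):
            with open(path, "w") as fh:
                fh.write("# constructed sample\n")
        os.symlink(secret, os.path.join(d, "link.list"))
        for value in ("partner.list", "/etc/shadow", "../secret", "link.list", "x.list"):
            try:
                resolve_sources_list(value, d)
                accepted.append(value)
            except InvalidSourcesList:
                pass
    return accepted
```

Of the five constructed inputs only "partner.list" is accepted; the absolute path, the parent-directory reference, the symlink leaving the directory and the missing file are all rejected before any read takes place.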


