Discussion:
Bug#876004: newsbeuter: CVE-2017-14500: Podbeuter podcast fetcher: remote code execution
(too old to reply)
Salvatore Bonaccorso
2017-09-17 09:30:01 UTC
Permalink
Source: newsbeuter
Version: 2.8-2
Severity: grave
Tags: upstream patch security
Justification: user security hole
Forwarded: https://github.com/akrennmair/newsbeuter/issues/598

Hi,

the following vulnerability was published for newsbeuter.

CVE-2017-14500[0]:
| Improper Neutralization of Special Elements used in an OS Command in
| the podcast playback function of Podbeuter in Newsbeuter 0.3 through
| 2.9 allows remote attackers to perform user-assisted code execution by
| crafting an RSS item with a media enclosure (i.e., a podcast file) that
| includes shell metacharacters in its filename, related to
| pb_controller.cpp and queueloader.cpp, a different vulnerability than
| CVE-2017-12904.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14500
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14500
[1] https://github.com/akrennmair/newsbeuter/issues/598
[2] http://openwall.com/lists/oss-security/2017/09/16/1
[3] https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333

Regards,
Salvatore
Debian Bug Tracking System
2017-09-18 16:10:03 UTC
Permalink
Your message dated Mon, 18 Sep 2017 16:04:28 +0000
with message-id <E1dtyX6-000IX6-***@fasolo.debian.org>
and subject line Bug#876004: fixed in newsbeuter 2.9-7
has caused the Debian Bug report #876004,
regarding newsbeuter: CVE-2017-14500: Podbeuter podcast fetcher: remote code execution
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ***@bugs.debian.org
immediately.)
--
876004: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876004
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Debian Bug Tracking System
2017-09-23 10:10:01 UTC
Permalink
Your message dated Sat, 23 Sep 2017 10:03:10 +0000
with message-id <E1dvhHC-00024f-***@fasolo.debian.org>
and subject line Bug#876004: fixed in newsbeuter 2.9-5+deb9u2
has caused the Debian Bug report #876004,
regarding newsbeuter: CVE-2017-14500: Podbeuter podcast fetcher: remote code execution
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ***@bugs.debian.org
immediately.)
--
876004: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876004
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Debian Bug Tracking System
2017-09-23 11:40:02 UTC
Permalink
Your message dated Sat, 23 Sep 2017 11:33:22 +0000
with message-id <E1dvigU-000EHX-***@fasolo.debian.org>
and subject line Bug#876004: fixed in newsbeuter 2.8-2+deb8u2
has caused the Debian Bug report #876004,
regarding newsbeuter: CVE-2017-14500: Podbeuter podcast fetcher: remote code execution
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ***@bugs.debian.org
immediately.)
--
876004: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876004
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems
Loading...