Red Hat Security Advisory: abrt, libreport, btparser, and python-meh security and bug fix update Security Advisory secalert@redhat.com Red Hat Security Response Team RHSA-2012:0841 Final 4 4 2012-06-20T08:28:00Z Current version 2012-06-20T08:28:00Z 2012-06-20T08:28:00Z Red Hat rhsa-to-cvrf 1.0.1484 2012-06-20T09:05:01Z Updated abrt, libreport, btparser, and python-meh packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. ABRT (Automatic Bug Reporting Tool) is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to "2" (it is "0" by default), core dumps of set user ID (setuid) programs were created with insecure group ID permissions. This could allow local, unprivileged users to obtain sensitive information from the core dump files of setuid processes they would otherwise not be able to access. (CVE-2012-1106) ABRT did not allow users to easily search the collected crash information for sensitive data prior to submitting it. This could lead to users unintentionally exposing sensitive information via the submitted crash reports. This update adds functionality to search across all the collected data. Note that this fix does not apply to the default configuration, where reports are sent to Red Hat Customer Support. It only takes effect for users sending information to Red Hat Bugzilla. (CVE-2011-4088) Red Hat would like to thank Jan Iven for reporting CVE-2011-4088. These updated packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes. All users of abrt, libreport, btparser, and python-meh are advised to upgrade to these updated packages, which correct these issues. Please see https://www.redhat.com/footer/terms-of-use.html Copyright © 2012 Red Hat, Inc. All rights reserved. Low https://rhn.redhat.com/errata/RHSA-2012-0841.html https://rhn.redhat.com/errata/RHSA-2012-0841.html https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/security/updates/classification/#low https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.3_Technical_Notes/abrt.html#RHSA-2012-0841 https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.3_Technical_Notes/abrt.html#RHSA-2012-0841 https://bugzilla.redhat.com/show_bug.cgi?id=625485 https://bugzilla.redhat.com/show_bug.cgi?id=625485 https://bugzilla.redhat.com/show_bug.cgi?id=727494 https://bugzilla.redhat.com/show_bug.cgi?id=727494 https://bugzilla.redhat.com/show_bug.cgi?id=745976 https://bugzilla.redhat.com/show_bug.cgi?id=745976 https://bugzilla.redhat.com/show_bug.cgi?id=746727 https://bugzilla.redhat.com/show_bug.cgi?id=746727 https://bugzilla.redhat.com/show_bug.cgi?id=747594 https://bugzilla.redhat.com/show_bug.cgi?id=747594 https://bugzilla.redhat.com/show_bug.cgi?id=747624 https://bugzilla.redhat.com/show_bug.cgi?id=747624 https://bugzilla.redhat.com/show_bug.cgi?id=749100 https://bugzilla.redhat.com/show_bug.cgi?id=749100 https://bugzilla.redhat.com/show_bug.cgi?id=751068 https://bugzilla.redhat.com/show_bug.cgi?id=751068 https://bugzilla.redhat.com/show_bug.cgi?id=758366 https://bugzilla.redhat.com/show_bug.cgi?id=758366 https://bugzilla.redhat.com/show_bug.cgi?id=759375 https://bugzilla.redhat.com/show_bug.cgi?id=759375 https://bugzilla.redhat.com/show_bug.cgi?id=759377 https://bugzilla.redhat.com/show_bug.cgi?id=759377 https://bugzilla.redhat.com/show_bug.cgi?id=768377 https://bugzilla.redhat.com/show_bug.cgi?id=768377 https://bugzilla.redhat.com/show_bug.cgi?id=770357 https://bugzilla.redhat.com/show_bug.cgi?id=770357 https://bugzilla.redhat.com/show_bug.cgi?id=773242 https://bugzilla.redhat.com/show_bug.cgi?id=773242 https://bugzilla.redhat.com/show_bug.cgi?id=796176 https://bugzilla.redhat.com/show_bug.cgi?id=796176 https://bugzilla.redhat.com/show_bug.cgi?id=796216 https://bugzilla.redhat.com/show_bug.cgi?id=796216 https://bugzilla.redhat.com/show_bug.cgi?id=799027 https://bugzilla.redhat.com/show_bug.cgi?id=799027 https://bugzilla.redhat.com/show_bug.cgi?id=803618 https://bugzilla.redhat.com/show_bug.cgi?id=803618 https://bugzilla.redhat.com/show_bug.cgi?id=811147 https://bugzilla.redhat.com/show_bug.cgi?id=811147 https://bugzilla.redhat.com/show_bug.cgi?id=823411 https://bugzilla.redhat.com/show_bug.cgi?id=823411 Red Hat Enterprise Linux Desktop Optional (v. 6) Red Hat Enterprise Linux HPC Node Optional (v. 6) Red Hat Enterprise Linux Workstation Optional (v. 6) Red Hat Enterprise Linux Workstation (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server Optional (v. 6) Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux Server (v. 6) abrt-2.0.8-6.el6.src.rpm btparser-0.16-3.el6.src.rpm libreport-2.0.9-5.el6.src.rpm python-meh-0.12.1-3.el6.src.rpm abrt-2.0.8-6.el6 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6) abrt-2.0.8-6.el6 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6) python-meh-0.12.1-3.el6 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6) abrt-2.0.8-6.el6 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux Workstation (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux Workstation (v. 6) python-meh-0.12.1-3.el6 as a component of Red Hat Enterprise Linux Workstation (v. 6) abrt-2.0.8-6.el6 as a component of Red Hat Enterprise Linux HPC Node (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux HPC Node (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux HPC Node (v. 6) abrt-2.0.8-6.el6 as a component of Red Hat Enterprise Linux Server Optional (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux Server Optional (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux Server Optional (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux Desktop (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux Desktop (v. 6) python-meh-0.12.1-3.el6 as a component of Red Hat Enterprise Linux Desktop (v. 6) btparser-0.16-3.el6 as a component of Red Hat Enterprise Linux Server (v. 6) libreport-2.0.9-5.el6 as a component of Red Hat Enterprise Linux Server (v. 6) python-meh-0.12.1-3.el6 as a component of Red Hat Enterprise Linux Server (v. 6) ABRT did not allow users to easily search the collected crash information for sensitive data prior to submitting it. This could lead to users unintentionally exposing sensitive information via the submitted crash reports. This update adds functionality to search across all the collected data. Note that this fix does not apply to the default configuration, where reports are sent to Red Hat Customer Support. It only takes effect for users sending information to Red Hat Bugzilla. 2011-10-24T00:00:00Z 2011-11-18T00:00:00Z CVE-2011-4088 6Client-optional:abrt-2.0.8-6.el6 6Client-optional:btparser-0.16-3.el6 6Client-optional:libreport-2.0.9-5.el6 6Client:btparser-0.16-3.el6 6Client:libreport-2.0.9-5.el6 6Client:python-meh-0.12.1-3.el6 6ComputeNode-optional:abrt-2.0.8-6.el6 6ComputeNode-optional:btparser-0.16-3.el6 6ComputeNode-optional:libreport-2.0.9-5.el6 6ComputeNode-optional:python-meh-0.12.1-3.el6 6ComputeNode:abrt-2.0.8-6.el6 6ComputeNode:btparser-0.16-3.el6 6ComputeNode:libreport-2.0.9-5.el6 6Server-optional:abrt-2.0.8-6.el6 6Server-optional:btparser-0.16-3.el6 6Server-optional:libreport-2.0.9-5.el6 6Server:btparser-0.16-3.el6 6Server:libreport-2.0.9-5.el6 6Server:python-meh-0.12.1-3.el6 6Workstation-optional:abrt-2.0.8-6.el6 6Workstation-optional:btparser-0.16-3.el6 6Workstation-optional:libreport-2.0.9-5.el6 6Workstation:btparser-0.16-3.el6 6Workstation:libreport-2.0.9-5.el6 6Workstation:python-meh-0.12.1-3.el6 Low 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-0841.html https://www.redhat.com/security/data/cve/CVE-2011-4088.html CVE-2011-4088 https://bugzilla.redhat.com/show_bug.cgi?id=749854 bz#749854: CVE-2011-4088 abrt: may leak some personal information to bugzilla with some certain applications Red Hat would like to thank Jan Iven for reporting this issue. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to "2" (it is "0" by default), core dumps of set user ID (setuid) programs were created with insecure group ID permissions. This could allow local, unprivileged users to obtain sensitive information from the core dump files of setuid processes they would otherwise not be able to access. 2012-01-25T00:00:00Z 2012-02-06T00:00:00Z CVE-2012-1106 6Client-optional:abrt-2.0.8-6.el6 6Client-optional:btparser-0.16-3.el6 6Client-optional:libreport-2.0.9-5.el6 6Client:btparser-0.16-3.el6 6Client:libreport-2.0.9-5.el6 6Client:python-meh-0.12.1-3.el6 6ComputeNode-optional:abrt-2.0.8-6.el6 6ComputeNode-optional:btparser-0.16-3.el6 6ComputeNode-optional:libreport-2.0.9-5.el6 6ComputeNode-optional:python-meh-0.12.1-3.el6 6ComputeNode:abrt-2.0.8-6.el6 6ComputeNode:btparser-0.16-3.el6 6ComputeNode:libreport-2.0.9-5.el6 6Server-optional:abrt-2.0.8-6.el6 6Server-optional:btparser-0.16-3.el6 6Server-optional:libreport-2.0.9-5.el6 6Server:btparser-0.16-3.el6 6Server:libreport-2.0.9-5.el6 6Server:python-meh-0.12.1-3.el6 6Workstation-optional:abrt-2.0.8-6.el6 6Workstation-optional:btparser-0.16-3.el6 6Workstation-optional:libreport-2.0.9-5.el6 6Workstation:btparser-0.16-3.el6 6Workstation:libreport-2.0.9-5.el6 6Workstation:python-meh-0.12.1-3.el6 Low 1.2 AV:L/AC:H/Au:N/C:P/I:N/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-0841.html https://www.redhat.com/security/data/cve/CVE-2012-1106.html CVE-2012-1106 https://bugzilla.redhat.com/show_bug.cgi?id=785163 bz#785163: CVE-2012-1106 abrt: Setuid process core dump archived with unsafe GID permissions