
[linux-security] esound bugs



Problem description
===================

Esound, the sound daemon used for Gnome, creates a world-writable
directory, /tmp/.esd.  This directory is owned by the user running esound,
and is used to store a socket which is used by programs connecting to the
sound server.  During startup, this socket's permissions are adjusted.
Because the directory is world-writable, an attacker on the system can
theoretically create a symbolic link in it, and cause any file or
directory owned by the user running esound to be made world-writable
when the permissions are adjusted.
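
A defensive check for the directory issue described above, as an added
example (not code from esound or from this advisory). The helper names
secure_socket_dir and demo are hypothetical; beyond the write-permission
check it also verifies ownership, and the self-check uses constructed
paths under a scratch directory.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: 0 if `dir` can safely hold the socket, -1 otherwise. */
int secure_socket_dir(const char *dir)
{
    struct stat st;
    /* Owner-only from the start; EEXIST is tolerated and verified below. */
    if (mkdir(dir, 0700) != 0 && errno != EEXIST)
        return -1;
    /* lstat() does not follow symlinks, so a planted link shows up as one. */
    if (lstat(dir, &st) != 0 || !S_ISDIR(st.st_mode))
        return -1;
    if (st.st_uid != geteuid())              /* pre-created by another user */
        return -1;
    if (st.st_mode & (S_IWGRP | S_IWOTH))    /* others could plant entries */
        return -1;
    return 0;
}

/* Constructed self-check in a scratch directory: returns 0 when a fresh
 * directory is accepted and a world-writable one and a symlink are refused. */
int demo(void)
{
    char base[] = "/tmp/esd-demo-XXXXXX", good[64], open_dir[64], link_path[64];
    if (mkdtemp(base) == NULL)
        return -1;
    snprintf(good, sizeof good, "%s/good", base);
    snprintf(open_dir, sizeof open_dir, "%s/open", base);
    snprintf(link_path, sizeof link_path, "%s/link", base);
    int ok = secure_socket_dir(good) == 0;
    mkdir(open_dir, 0700);
    chmod(open_dir, 0777);                   /* the layout the advisory describes */
    ok = ok && secure_socket_dir(open_dir) == -1;
    if (symlink(good, link_path) != 0)       /* link where the directory should be */
        ok = 0;
    ok = ok && secure_socket_dir(link_path) == -1;
    unlink(link_path); rmdir(open_dir); rmdir(good); rmdir(base);
    return ok ? 0 : -1;
}

int main(void)
{
    printf("self-check: %s\n", demo() == 0 ? "passed" : "FAILED");
    return 0;
}
```

With the directory writable only by its owner, no other user can place
a link where the socket is expected before its permissions are changed.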

Solution
========

RedHat 6.x
upgrade to version 0.2.20-0, i.e.,
rpm -Fvh esound-0.2.20-0.i386.rpm esound-devel-0.2.20-0.i386.rpm

RedHat 7.0
upgrade to version 0.2.20-1, i.e.,
rpm -Fvh esound-0.2.20-1.i386.rpm esound-devel-0.2.20-1.i386.rpm

Debian
not affected.

Mandrake 6.x, 7.x
upgrade to version 0.2.17-3mdk, i.e.,
rpm -Fvh esound-0.2.17-3mdk.i586.rpm esound-devel-0.2.17-3mdk.i586.rpm