Ubuntu
eterm package

[CVE-2008-1692] opens on :0 if DISPLAY not set

Bug #216604 reported by William Grant on 2008-04-13

256

	Status	Importance	Assigned to
eterm (Debian)	Fix Released	Unknown	debbugs #473127
eterm (Ubuntu)	Fix Released	Low	Emanuele Gentili
Dapper	Won't Fix	Low	Emanuele Gentili
Edgy	Won't Fix	Low	Emanuele Gentili
Feisty	Fix Released	Low	Emanuele Gentili
Gutsy	Fix Released	Low	Emanuele Gentili
Hardy	Fix Released	Low	Emanuele Gentili

Bug Description

Binary package hint: eterm

All releases are affected.

CVE-2008-1692:
"Eterm 0.9.4 opens an xterm on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections."

Related branches

lp:ubuntu/karmic/eterm

lp:ubuntu/feisty-security/eterm

lp:ubuntu/gutsy-security/eterm

CVE References

2008-1692

William Grant (wgrant) on 2008-04-13

Changed in eterm:
importance:	Undecided → High
status:	New → Confirmed
importance:	Undecided → High
status:	New → Confirmed
status:	New → Confirmed
status:	New → Confirmed
status:	New → Confirmed

Emanuele Gentili (emgent) on 2008-04-22

Changed in eterm:
assignee:	nobody → emgent
status:	Confirmed → In Progress

Revision history for this message

StefanPotyra (sistpoty) wrote on 2008-04-22:

FFe ACK for hardy.

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-04-22:

hardy_eterm_0.9.4.0debian1-2ubuntu3.debdiff Edit (1.2 KiB, text/plain)

Changed in eterm:
assignee:	nobody → emgent
status:	Confirmed → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-04-22:

This bug was fixed in the package eterm - 0.9.4.0debian1-2ubuntu3

---------------
eterm (0.9.4.0debian1-2ubuntu3) hardy; urgency=low

  * SECURITY UPDATE:
   + src/startup.c (LP: #216604)
    - Fix opening the terminal on display :0 if no DISPLAY
      environment variable is specified to prevent local
      attackers from hijacking X11 connections in certain
      environments.

  * References
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1692
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=47312

-- Emanuele Gentili <email address hidden> Tue, 22 Apr 2008 23:54:15 +0200

Changed in eterm:
status:	In Progress → Fix Released

Emanuele Gentili (emgent) on 2008-04-23

Changed in eterm:
assignee:	nobody → emgent
importance:	Undecided → High
status:	Confirmed → In Progress

Emanuele Gentili (emgent) on 2008-04-23

Changed in eterm:
assignee:	nobody → emgent
status:	Confirmed → In Progress
importance:	Undecided → High
assignee:	nobody → emgent
importance:	Undecided → High
status:	Confirmed → In Progress

Bug Watch Updater (bug-watch-updater) on 2008-04-30

Changed in eterm:
status:	Unknown → Fix Released

Revision history for this message

Andrea Gasparini (gaspa) wrote on 2008-05-05:

#10

All Debdiffs reference to this debian bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=47312
but perhaps it should be :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-05-05:

#11

true, Thanks andrea!

I will fix it.

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-05-05:

#12

dapper_security_eterm_0.9.2-8.3build2.1.debdiff Edit (1.2 KiB, text/plain)

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-05-05:

#15

gutsy_security_eterm_0.9.4.0debian1-2ubuntu1.7.10.1.debdiff Edit (1.3 KiB, text/plain)

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-05-05:

#16

feisty_security_eterm_0.9.4.0debian1-2ubuntu1.7.04.1.debdiff Edit (1.3 KiB, text/plain)

Revision history for this message

Kees Cook (kees) wrote on 2008-06-17:

#17

Dapper uses CDBS for patches, and needs to not have the "build" version suffix. Please see https://wiki.ubuntu.com/SecurityUpdateProcedures

Changed in eterm:
importance:	High → Low
importance:	High → Low
importance:	High → Low
importance:	High → Low
importance:	High → Low
importance:	High → Low
status:	In Progress → Incomplete

Revision history for this message

Kees Cook (kees) wrote on 2008-06-17:

#18

Edgy is EOL, so marking "won't fix"

Changed in eterm:
status:	In Progress → Won't Fix

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-06-19:

#19

This bug was fixed in the package eterm - 0.9.4.0debian1-2ubuntu1.7.10.1

---------------
eterm (0.9.4.0debian1-2ubuntu1.7.10.1) gutsy-security; urgency=low

  * References
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127

-- Emanuele Gentili <email address hidden> Tue, 22 Apr 2008 23:35:49 +0200

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-06-19:

#20

This bug was fixed in the package eterm - 0.9.4.0debian1-2ubuntu1.7.04.1

---------------
eterm (0.9.4.0debian1-2ubuntu1.7.04.1) feisty-security; urgency=low

  * References
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473127

-- Emanuele Gentili <email address hidden> Wed, 23 Apr 2008 21:54:55 +0200

Changed in eterm:
status:	In Progress → Fix Released
status:	In Progress → Fix Released

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-06-19:

#21

dapper_security_eterm_0.9.2-8.3ubuntu2.1.debdiff Edit (2.0 KiB, text/plain)

Changed in eterm:
status:	Incomplete → In Progress

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2008-08-08:

#22

FTBFS on dapper/amd64. Please verify/upload a new debdiff.

Changed in eterm:
status:	In Progress → Triaged

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2011-10-14:

#23

Thank you for reporting this bug to Ubuntu. dapper has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against dapper is being marked "Won't Fix". Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.

Please feel free to report any other bugs you may find.