[Bug 1941790] Re: squashfs-tools 4.5 / "write outside directory" exploit fix back port?
Launchpad Bug Tracker
1941790 at bugs.launchpad.net
Tue Aug 31 00:19:39 UTC 2021
This bug was fixed in the package squashfs-tools - 1:4.4-2ubuntu0.1
---------------
squashfs-tools (1:4.4-2ubuntu0.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: Directory traversal via relative paths in unsquashfs
    (LP: #1941790)
    - debian/patches/0003-CVE-2021-40153.patch:
      Treat squashfs images which contain files with names containing
      constructs like ../ as corrupted in unsquash-N.c
    - CVE-2021-40153

 -- Alex Murray <alex.murray at canonical.com>  Fri, 27 Aug 2021 14:54:27 +0930
** Changed in: squashfs-tools (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to squashfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1941790
Title:
squashfs-tools 4.5 / "write outside directory" exploit fix back port?
Status in squashfs-tools package in Ubuntu:
Fix Released
Bug description:
The squashfs-tools 4.5 release addresses an issue where `unsquashfs`
can extract files outside of its target directory, given a malicious
input file.
This issue was reported back in 2019 at:
https://github.com/plougher/squashfs-tools/issues/72
The squashfs-tools release notes mention the fix:
https://github.com/plougher/squashfs-tools/blob/master/CHANGES
> 3.13 Unsquashfs "write outside directory" exploit fixed.
Is Ubuntu aware of this issue w.r.t. back porting to distro release
versions of squashfs-tools?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squashfs-tools/+bug/1941790/+subscriptions
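
The changelog entry above describes treating an image as corrupted when a file name contains constructs like ../. The following C illustrates that kind of per-entry name check; it is an added example, not the contents of 0003-CVE-2021-40153.patch or any squashfs-tools code. The function names and sample listings are hypothetical, and rejecting every '/' as well as the names "." and ".." is an assumption about what such a check should cover.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A directory entry name must be a single path component. Reject anything
 * that could step outside the extraction directory: empty names, "." and
 * "..", and any name containing '/' (covers "../x" and "a/../../x"). */
static bool entry_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return false;
    return strchr(name, '/') == NULL;
}

/* Returns the index of the first unsafe name, or -1 if every name passes.
 * An extractor would treat any result other than -1 as a corrupted image
 * and refuse to write anything from that directory. */
static int first_unsafe_entry(const char *const names[], size_t count)
{
    for (size_t i = 0; i < count; i++)
        if (!entry_name_is_safe(names[i]))
            return (int)i;
    return -1;
}

/* Constructed sample directory listings, not taken from a real image.
 * Names that merely contain dots ("..hidden", "a..b") are legitimate. */
static const char *const good_dir[] = { "bin", "etc", "..hidden", "a..b" };
static const char *const bad_dir[]  = { "bin", "../outside.txt", "etc" };

int main(void)
{
    int bad = first_unsafe_entry(bad_dir, sizeof bad_dir / sizeof bad_dir[0]);

    if (first_unsafe_entry(good_dir, sizeof good_dir / sizeof good_dir[0]) == -1)
        printf("good_dir: all names accepted\n");
    if (bad != -1)
        printf("bad_dir: entry %d (\"%s\") rejected, image treated as corrupted\n",
               bad, bad_dir[bad]);
    return 0;
}
```

The check runs on the name as stored in the image, before it is joined to the destination path, so no path normalisation is involved.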