blob: 6b41b0b309f974c1a0574bf9f8880b9f601f8c6c [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200710-05">
<title>QGit: Insecure temporary file creation</title>
A vulnerability has been discovered in QGit allowing local users to
overwrite arbitrary files and execute arbitrary code with another user's
<product type="ebuild">qgit</product>
<announced>October 07, 2007</announced>
<revised>October 07, 2007: 01</revised>
<package name="dev-util/qgit" auto="yes" arch="*">
<unaffected range="ge">1.5.7</unaffected>
<vulnerable range="lt">1.5.7</vulnerable>
QGit is a graphical interface to git repositories that allows you to
browse revisions history, view patch content and changed files.
Raphael Marichez discovered that the DataLoader::doStart() method
creates temporary files in an insecure manner and executes them.
<impact type="normal">
A local attacker could perform a symlink attack, possibly overwriting
files or executing arbitrary code with the rights of the user running
There is no known workaround at this time.
All QGit users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=dev-util/qgit-1.5.7&quot;</code>
<uri link="">CVE-2007-4631</uri>
<metadata tag="requester" timestamp="Mon, 24 Sep 2007 08:55:56 +0000">
<metadata tag="bugReady" timestamp="Mon, 24 Sep 2007 08:56:46 +0000">
<metadata tag="submitter" timestamp="Sun, 07 Oct 2007 18:55:10 +0000">