Joined: 12 May 2004
|Posted: Thu Jun 14, 2018 4:26 am Post subject: [ glsa 201806-03 ] burp
|Gentoo Linux Security Advisory
Title: BURP: Multiple vulnerabilities (GLSA 201806-03)
Bug(s): #628770, #641842
Multiple vulnerabilities were discovered in BURP's Gentoo ebuild,
the worst of which could lead to root privilege escalation.
A network backup and restore program.
Vulnerable: < 2.1.32
Unaffected: >= 2.1.32
Architectures: All supported architectures
It was discovered that Gentoo’s BURP ebuild does not properly set
permissions or place the pid file in a safe directory.
A local attacker could escalate privileges.
Users should ensure the proper permissions are set as discussed in the
All BURP users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-backup/burp-2.1.32"