From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Jun 10 11:31:27 2015 Return-Path: Delivered-To: freebsd-ports-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C2D3AAD5 for ; Wed, 10 Jun 2015 11:31:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 92A531225 for ; Wed, 10 Jun 2015 11:31:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id t5ABVRPH002123 for ; Wed, 10 Jun 2015 11:31:27 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 200758] textproc/elasticsearch: Security vulnerability CVE-2015-4165 Date: Wed, 10 Jun 2015 11:31:27 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: needs-patch, security X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: koobs@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: tj@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform bug_file_loc op_sys bug_status keywords bug_severity priority component assigned_to reporter cc flagtypes.name Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jun 2015 11:31:27 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200758 Bug ID: 200758 Summary: textproc/elasticsearch: Security vulnerability CVE-2015-4165 Product: Ports & Packages Version: Latest Hardware: Any URL: http://www.securityfocus.com/archive/1/535727/30/0/thr eaded OS: Any Status: New Keywords: needs-patch, security Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: tj@FreeBSD.org Reporter: koobs@FreeBSD.org CC: ports-secteam@FreeBSD.org Flags: maintainer-feedback?(tj@FreeBSD.org) Assignee: tj@FreeBSD.org Elasticsearch versions 1.0.0 - 1.5.2 are vulnerable to an engineered attack on other applications on the system. The snapshot API may be used indirectly to place snapshot metadata files into locations that are writeable by the user running the Elasticsearch process. It is possible to create a file that another application could read and take action on, such as code execution. This vulnerability requires several conditions to be exploited. There must be some other application running on the system that would read Lucene files and execute code from them. That application must also be accessible to the attacker, e.g. over the network. Lastly, the Java VM running the Elasticsearch process must be able to write into a location that the other application will read and potentially execute. -- You are receiving this mail because: You are the assignee for the bug.