Joined: 12 May 2004
|Posted: Tue Apr 02, 2019 9:26 am Post subject: [ glsa 201904-05 ] burp
|Gentoo Linux Security Advisory
Title: BURP: Root privilege escalation (GLSA 201904-05)
A vulnerability was discovered in Gentoo's ebuild for BURP which
could lead to root privilege escalation.
A network backup and restore program.
Vulnerable: < 2.1.32-r1
Unaffected: >= 2.1.32-r1
Architectures: All supported architectures
It was discovered that Gentoo’s BURP ebuild does not properly set
permissions or place the pid file in a safe directory. Additionally, the
first set of patches did not completely address this. As such, a
revision has been made available that addresses all concerns of the
A local attacker could escalate privileges.
Users should ensure the proper permissions are set as discussed in the
All BURP users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-backup/burp-2.1.32-r1"