CVE-2020-11979: Code Injection

First published: Thu Oct 01 2020(Updated: )

As mitigation for <a href="https://access.redhat.com/security/cve/CVE-2020-1945">CVE-2020-1945</a> Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process. References: <a href="https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc@%3Cdev.creadur.apache.org%3E</a> <a href="https://lists.apache.org/thread.html/r1dc8518dc99c42ecca5ff82d0d2de64cd5d3a4fa691eb9ee0304781e@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r1dc8518dc99c42ecca5ff82d0d2de64cd5d3a4fa691eb9ee0304781e@%3Cdev.creadur.apache.org%3E</a> <a href="https://lists.apache.org/thread.html/r2306b67f20c24942b872b0a41fbdc9330e8467388158bcd19c1094e0@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r2306b67f20c24942b872b0a41fbdc9330e8467388158bcd19c1094e0@%3Cdev.creadur.apache.org%3E</a> <a href="https://lists.apache.org/thread.html/r4ca33fad3fb39d130cda287d5a60727d9e706e6f2cf2339b95729490@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r4ca33fad3fb39d130cda287d5a60727d9e706e6f2cf2339b95729490@%3Cdev.creadur.apache.org%3E</a> <a href="https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E">https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E</a> <a href="https://lists.apache.org/thread.html/rc3c8ef9724b5b1e171529b47f4b35cb7920edfb6e917fa21eb6c64ea%40%3Cdev.ant.apache.org%3E">https://lists.apache.org/thread.html/rc3c8ef9724b5b1e171529b47f4b35cb7920edfb6e917fa21eb6c64ea%40%3Cdev.ant.apache.org%3E</a> <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AALW42FWNQ35F7KB3JVRC6NBVV7AAYYI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AALW42FWNQ35F7KB3JVRC6NBVV7AAYYI/</a> <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYBRN5C2RW7JRY75IB7Q7ZVKZCHWAQWS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYBRN5C2RW7JRY75IB7Q7ZVKZCHWAQWS/</a> <a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3NRQQ7ECII4ZNGW7GBC225LVYMPQEKB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3NRQQ7ECII4ZNGW7GBC225LVYMPQEKB/</a> <a href="https://security.gentoo.org/glsa/202011-18">https://security.gentoo.org/glsa/202011-18</a>

Credit: security@apache.org security@apache.org

Affected Software	Affected Version	How to fix
redhat/jenkins	<0:2.263.3.1612433584-1.el7	0:2.263.3.1612433584-1.el7
redhat/conmon	<2:2.0.21-1.rhaos4.5.el7	2:2.0.21-1.rhaos4.5.el7
redhat/jenkins	<0:2.263.3.1612434332-1.el7	0:2.263.3.1612434332-1.el7
redhat/machine-config-daemon	<0:4.5.0-202102050524.p0.git.2594.ff3b8c0.el8	0:4.5.0-202102050524.p0.git.2594.ff3b8c0.el8
redhat/openshift	<0:4.5.0-202102050524.p0.git.0.9229406.el7	0:4.5.0-202102050524.p0.git.0.9229406.el7
redhat/openshift-ansible	<0:4.5.0-202102031005.p0.git.0.c6839a2.el7	0:4.5.0-202102031005.p0.git.0.c6839a2.el7
redhat/openshift-clients	<0:4.5.0-202102051529.p0.git.3612.61b096a.el7	0:4.5.0-202102051529.p0.git.3612.61b096a.el7
redhat/runc	<0:1.0.0-72.rhaos4.5.giteadfc6b.el8	0:1.0.0-72.rhaos4.5.giteadfc6b.el8
redhat/jenkins	<0:2.263.3.1612434510-1.el8	0:2.263.3.1612434510-1.el8
Apache Ant	=1.10.8
Gradle Gradle	<6.8.0
Fedoraproject Fedora	=31
Fedoraproject Fedora	=32
Fedoraproject Fedora	=33
Oracle Agile Engineering Data Management	=6.2.1.0
Oracle API Gateway	=11.1.2.4.0
Oracle Banking Platform	=2.4.0
Oracle Banking Platform	=2.4.1
Oracle Banking Platform	=2.6.2
Oracle Banking Platform	=2.7.0
Oracle Banking Platform	=2.7.1
Oracle Banking Platform	=2.8.0
Oracle Banking Treasury Management	=14.4
Oracle Communications Unified Inventory Management	=7.4.0
Oracle Communications Unified Inventory Management	=7.4.1
Oracle Data Integrator	=12.2.1.3.0
Oracle Data Integrator	=12.2.1.4.0
Oracle Endeca Information Discovery Studio	=3.2.0.0
Oracle Enterprise Repository	=11.1.1.7.0
Oracle Financial Services Analytical Applications Infrastructure	>=8.0.6<=8.0.9
Oracle Financial Services Analytical Applications Infrastructure	=8.1.0
Oracle Financial Services Analytical Applications Infrastructure	=8.1.1
Oracle FLEXCUBE Private Banking	=12.0.0
Oracle FLEXCUBE Private Banking	=12.1.0
Oracle Primavera Gateway	>=16.2.0<=16.2.11
Oracle Primavera Gateway	>=17.12.0<=17.12.9
Oracle Primavera Unifier	>=17.7<=17.12
Oracle Primavera Unifier	=16.1
Oracle Primavera Unifier	=16.2
Oracle Primavera Unifier	=18.8
Oracle Primavera Unifier	=19.12
Oracle Primavera Unifier	=20.12
Oracle Real-time Decision Server	=3.2.0.0
Oracle Real-time Decision Server	=11.1.1.9.0
Oracle Retail Advanced Inventory Planning	=14.1
Oracle Retail Assortment Planning	=16.0.3
Oracle Retail Category Management Planning \& Optimization	=16.0.3
Oracle Retail Eftlink	=19.0.1
Oracle Retail Eftlink	=20.0.0
Oracle Retail Financial Integration	=14.1.3
Oracle Retail Financial Integration	=15.0.3
Oracle Retail Financial Integration	=16.0.3
Oracle Retail Integration Bus	=15.0.3
Oracle Retail Item Planning	=16.0.3
Oracle Retail Macro Space Optimization	=16.0.3
Oracle Retail Merchandise Financial Planning	=16.0.3
Oracle Retail Merchandising System	=14.1.3.2
Oracle Retail Merchandising System	=16.0.3
Oracle Retail Predictive Application Server	=14.1
Oracle Retail Regular Price Optimization	=16.0.3
Oracle Retail Replenishment Optimization	=16.0.3
Oracle Retail Service Backbone	=14.1.3
Oracle Retail Service Backbone	=15.0.3
Oracle Retail Service Backbone	=16.0.3
Oracle Retail Size Profile Optimization	=16.0.3
Oracle Retail Store Inventory Management	=14.1.3.9
Oracle Retail Store Inventory Management	=15.0.3.0
Oracle Retail Store Inventory Management	=16.0.3.0
Oracle Retail Xstore Point of Service	=15.0.4
Oracle Retail Xstore Point of Service	=16.0.6
Oracle Retail Xstore Point of Service	=17.0.4
Oracle Retail Xstore Point of Service	=18.0.3
Oracle Retail Xstore Point of Service	=19.0.2
Oracle Storagetek Acsls	=8.5.1
Oracle Storagetek Tape Analytics	=2.4
Oracle TimesTen In-Memory Database	<11.2.2.8.27
Oracle Utilities Framework	=4.3.0.5.0
Oracle Utilities Framework	=4.3.0.6.0
Oracle Utilities Framework	=4.4.0.0.0
Oracle Utilities Framework	=4.4.0.2.0
redhat/ant	<1.10.9	1.10.9
maven/org.apache.ant:ant	=1.10.8	1.10.9
	=1.10.8
	<6.8.0
	=31
	=32
	=33
	=6.2.1.0
	=11.1.2.4.0
	=2.4.0
	=2.4.1
	=2.6.2
	=2.7.0
	=2.7.1
	=2.8.0
	=14.4
	=7.4.0
	=7.4.1
	=12.2.1.3.0
	=12.2.1.4.0
	=3.2.0.0
	=11.1.1.7.0
	>=8.0.6<=8.0.9
	=8.1.0
	=8.1.1
	=12.0.0
	=12.1.0
	>=16.2.0<=16.2.11
	>=17.12.0<=17.12.9
	>=17.7<=17.12
	=16.1
	=16.2
	=18.8
	=19.12
	=20.12
	=3.2.0.0
	=11.1.1.9.0
	=14.1
	=16.0.3
	=16.0.3
	=19.0.1
	=20.0.0
	=14.1.3
	=15.0.3
	=16.0.3
	=15.0.3
	=16.0.3
	=16.0.3
	=16.0.3
	=14.1.3.2
	=16.0.3
	=14.1
	=16.0.3
	=16.0.3
	=14.1.3
	=15.0.3
	=16.0.3
	=16.0.3
	=14.1.3.9
	=15.0.3.0
	=16.0.3.0
	=15.0.4
	=16.0.6
	=17.0.4
	=18.0.3
	=19.0.2
	=8.5.1
	=2.4
	<11.2.2.8.27
	=4.3.0.5.0
	=4.3.0.6.0
	=4.4.0.0.0
	=4.4.0.2.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

collector/redhat-cve
collector/nvd-index
agent/type
agent/first-publish-date
agent/remedy
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2020-11979
agent/software-canonical-lookup
collector/github-advisory-latest
source/GitHub
alias/GHSA-f62v-xpxf-3v68
agent/weakness
agent/severity
agent/last-modified-date
agent/description
agent/references
agent/author
agent/tags
agent/event
agent/softwarecombine
collector/nvd-cve
source/NVD
collector/github-advisory
package-manager/redhat
vendor/apache
canonical/apache ant
version/apache ant/1.10.8
vendor/gradle
canonical/gradle gradle
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/31
version/fedoraproject fedora/32
version/fedoraproject fedora/33
vendor/oracle
canonical/oracle agile engineering data management
version/oracle agile engineering data management/6.2.1.0
canonical/oracle api gateway
version/oracle api gateway/11.1.2.4.0
canonical/oracle banking platform
version/oracle banking platform/2.4.0
version/oracle banking platform/2.4.1
version/oracle banking platform/2.6.2
version/oracle banking platform/2.7.0
version/oracle banking platform/2.7.1
version/oracle banking platform/2.8.0
canonical/oracle banking treasury management
version/oracle banking treasury management/14.4
canonical/oracle communications unified inventory management
version/oracle communications unified inventory management/7.4.0
version/oracle communications unified inventory management/7.4.1
canonical/oracle data integrator
version/oracle data integrator/12.2.1.3.0
version/oracle data integrator/12.2.1.4.0
canonical/oracle endeca information discovery studio
version/oracle endeca information discovery studio/3.2.0.0
canonical/oracle enterprise repository
version/oracle enterprise repository/11.1.1.7.0
canonical/oracle financial services analytical applications infrastructure
version/oracle financial services analytical applications infrastructure/8.0.6
version/oracle financial services analytical applications infrastructure/8.0.9
version/oracle financial services analytical applications infrastructure/8.1.0
version/oracle financial services analytical applications infrastructure/8.1.1
canonical/oracle flexcube private banking
version/oracle flexcube private banking/12.0.0
version/oracle flexcube private banking/12.1.0
canonical/oracle primavera gateway
version/oracle primavera gateway/16.2.0
version/oracle primavera gateway/16.2.11
version/oracle primavera gateway/17.12.0
version/oracle primavera gateway/17.12.9
canonical/oracle primavera unifier
version/oracle primavera unifier/17.7
version/oracle primavera unifier/17.12
version/oracle primavera unifier/16.1
version/oracle primavera unifier/16.2
version/oracle primavera unifier/18.8
version/oracle primavera unifier/19.12
version/oracle primavera unifier/20.12
canonical/oracle real-time decision server
version/oracle real-time decision server/3.2.0.0
version/oracle real-time decision server/11.1.1.9.0
canonical/oracle retail advanced inventory planning
version/oracle retail advanced inventory planning/14.1
canonical/oracle retail assortment planning
version/oracle retail assortment planning/16.0.3
canonical/oracle retail category management planning \& optimization
version/oracle retail category management planning \& optimization/16.0.3
canonical/oracle retail eftlink
version/oracle retail eftlink/19.0.1
version/oracle retail eftlink/20.0.0
canonical/oracle retail financial integration
version/oracle retail financial integration/14.1.3
version/oracle retail financial integration/15.0.3
version/oracle retail financial integration/16.0.3
canonical/oracle retail integration bus
version/oracle retail integration bus/15.0.3
canonical/oracle retail item planning
version/oracle retail item planning/16.0.3
canonical/oracle retail macro space optimization
version/oracle retail macro space optimization/16.0.3
canonical/oracle retail merchandise financial planning
version/oracle retail merchandise financial planning/16.0.3
canonical/oracle retail merchandising system
version/oracle retail merchandising system/14.1.3.2
version/oracle retail merchandising system/16.0.3
canonical/oracle retail predictive application server
version/oracle retail predictive application server/14.1
canonical/oracle retail regular price optimization
version/oracle retail regular price optimization/16.0.3
canonical/oracle retail replenishment optimization
version/oracle retail replenishment optimization/16.0.3
canonical/oracle retail service backbone
version/oracle retail service backbone/14.1.3
version/oracle retail service backbone/15.0.3
version/oracle retail service backbone/16.0.3
canonical/oracle retail size profile optimization
version/oracle retail size profile optimization/16.0.3
canonical/oracle retail store inventory management
version/oracle retail store inventory management/14.1.3.9
version/oracle retail store inventory management/15.0.3.0
version/oracle retail store inventory management/16.0.3.0
canonical/oracle retail xstore point of service
version/oracle retail xstore point of service/15.0.4
version/oracle retail xstore point of service/16.0.6
version/oracle retail xstore point of service/17.0.4
version/oracle retail xstore point of service/18.0.3
version/oracle retail xstore point of service/19.0.2
canonical/oracle storagetek acsls
version/oracle storagetek acsls/8.5.1
canonical/oracle storagetek tape analytics
version/oracle storagetek tape analytics/2.4
canonical/oracle timesten in-memory database
canonical/oracle utilities framework
version/oracle utilities framework/4.3.0.5.0
version/oracle utilities framework/4.3.0.6.0
version/oracle utilities framework/4.4.0.0.0
version/oracle utilities framework/4.4.0.2.0
package-manager/maven

CVE-2020-11979: Code Injection

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact