tags 709931 + pending
thanks

Hi Chris

I've prepared an NMU for socat (versioned as 1.7.1.3-1.5) and uploaded
it to DELAYED/10.

In any case, please feel free to tell me if I should stop, so that you
can finalize the upload yourself, or if I should delay it longer.

Regards,
Salvatore
diff -Nru socat-1.7.1.3/debian/changelog socat-1.7.1.3/debian/changelog
--- socat-1.7.1.3/debian/changelog	2012-05-11 22:46:45.000000000 +0200
+++ socat-1.7.1.3/debian/changelog	2013-07-03 20:12:23.000000000 +0200
@@ -1,3 +1,12 @@
+socat (1.7.1.3-1.5) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Add CVE-2013-3571.patch patch.
+    CVE-2013-3571: Fix denial of service due to file descriptor leak.
+    (Closes: #709931)
+
+ -- Salvatore Bonaccorso <[email protected]>  Wed, 03 Jul 2013 17:17:33 +0200
+
 socat (1.7.1.3-1.4) unstable; urgency=low
 
   * Non-maintainer upload for release goal
diff -Nru socat-1.7.1.3/debian/patches/CVE-2013-3571.patch socat-1.7.1.3/debian/patches/CVE-2013-3571.patch
--- socat-1.7.1.3/debian/patches/CVE-2013-3571.patch	1970-01-01 01:00:00.000000000 +0100
+++ socat-1.7.1.3/debian/patches/CVE-2013-3571.patch	2013-07-03 20:12:23.000000000 +0200
@@ -0,0 +1,25 @@
+Description: Fix FD leak
+ CVE-2013-3571: fix fd leak when socat is invoked with a listen type
+ address with option fork and one or more of the options sourceport,
+ lowport, range, or tcpwrap. When socat refuses a client connection due
+ to one of these address or port restrictions it does shutdown() the
+ socket but does not close() it, resulting in a file descriptor leak in
+ the listening process. This could be used to mount a denial of service
+ attack against socat running in server mode.
+Origin: http://www.dest-unreach.org/socat/download/socat-1.7.2.2.patch.gz
+Bug-Debian: http://bugs.debian.org/709931
+Forwarded: not-needed
+Author: Salvatore Bonaccorso <[email protected]>
+Last-Update: 2013-07-03
+Applied-Upstream: 1.7.2.2
+
+--- a/xio-listen.c
++++ b/xio-listen.c
+@@ -265,6 +265,7 @@
+ 	 if (Shutdown(ps, 2) < 0) {
+ 	    Info2("shutdown(%d, 2): %s", ps, strerror(errno));
+ 	 }
++	 Close(ps);
+ 	 continue;
+       }
+ 
diff -Nru socat-1.7.1.3/debian/patches/series socat-1.7.1.3/debian/patches/series
--- socat-1.7.1.3/debian/patches/series	2011-07-02 20:00:37.000000000 +0200
+++ socat-1.7.1.3/debian/patches/series	2013-07-03 20:12:23.000000000 +0200
@@ -3,3 +3,4 @@
 02-Manpage-slashes
 03-Truncate
 debian-changes-1.7.1.3-1.1
+CVE-2013-3571.patch

Reply via email to