Your message dated Tue, 17 Mar 2009 13:20:19 +0100
with message-id <1237292419.5547.8.ca...@odin.lan>
and subject line Re: Bug#520039: libsoup: CVE-2009-0585 integer overflow vulnerability
has caused the Debian Bug report #520039,
regarding libsoup: CVE-2009-0585 integer overflow vulnerability
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
520039: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520039
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: libsoup
severity: grave
tags: security

it has been found that libsoup is vulnerable to an integer overflow
attack, see CVE-2009-0585 [1].  details are:

  Integer overflow in the soup_base64_encode function in soup-misc.c in
  libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows
  context-dependent attackers to execute arbitrary code via a long
  string that is converted to a base64 representation.

since this allows remote attackers to execute arbitrary code, it
should be treated with high urgency.

this was just fixed in ubuntu, so it may be possible to adopt their
patch [2].

if you fix these vulnerabilities, please make sure to include the CVE
id in your changelog.  please contact the security team to coordinate
a fix for stable and/or if you have any questions.

regards,
mike

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0585
[2] http://www.ubuntu.com/usn/USN-737-1



--- End Message ---
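The CVE text above describes the bug class only in outline: an encoder computes the size of its output buffer from the input length, the arithmetic wraps for a long input, and the subsequent write overruns the undersized buffer. The following is an added illustration written for this archive page; it is not libsoup's soup_base64_encode, nor the Ubuntu patch, and the exact size expression libsoup used is an assumption. It places an unchecked size computation in the style that wraps beside a checked one that refuses oversized inputs, and uses the checked version in a small, complete base64 encoder so the buffer/write relationship is visible.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative unchecked size computation (assumption, not libsoup's exact
 * code): 4 output bytes per 3 input bytes plus a NUL. With a 32-bit length
 * the multiplication wraps once len exceeds roughly 3.2 GB, so the value
 * returned can be smaller than the input itself. */
unsigned int base64_encoded_size_unchecked(unsigned int len)
{
    return (len / 3 + 1) * 4 + 1;
}

/* Checked variant: same formula, but the caller is told (return 0) when the
 * multiplication would not fit in size_t instead of receiving a wrapped value. */
size_t base64_encoded_size_checked(size_t len)
{
    size_t groups = len / 3 + (len % 3 != 0 ? 1 : 0); /* 3-byte groups, rounded up */
    if (groups > (SIZE_MAX - 1) / 4)                   /* groups * 4 + 1 must fit */
        return 0;
    return groups * 4 + 1;
}

static const char b64_alphabet[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Encode `len` bytes into a newly allocated NUL-terminated string.
 * Returns NULL if the output size cannot be represented or malloc fails.
 * Every write below stays within the `need` bytes that were allocated. */
char *base64_encode_safe(const unsigned char *in, size_t len)
{
    size_t need = base64_encoded_size_checked(len);
    if (need == 0)
        return NULL;
    char *out = malloc(need);
    if (out == NULL)
        return NULL;

    size_t i, o = 0;
    for (i = 0; i + 2 < len; i += 3) {             /* full 3-byte groups */
        uint32_t v = ((uint32_t)in[i] << 16) | ((uint32_t)in[i + 1] << 8) | in[i + 2];
        out[o++] = b64_alphabet[(v >> 18) & 0x3f];
        out[o++] = b64_alphabet[(v >> 12) & 0x3f];
        out[o++] = b64_alphabet[(v >> 6) & 0x3f];
        out[o++] = b64_alphabet[v & 0x3f];
    }
    size_t rem = len - i;                           /* 0, 1 or 2 trailing bytes */
    if (rem > 0) {
        uint32_t v = (uint32_t)in[i] << 16;
        if (rem == 2)
            v |= (uint32_t)in[i + 1] << 8;
        out[o++] = b64_alphabet[(v >> 18) & 0x3f];
        out[o++] = b64_alphabet[(v >> 12) & 0x3f];
        out[o++] = (rem == 2) ? b64_alphabet[(v >> 6) & 0x3f] : '=';
        out[o++] = '=';
    }
    out[o] = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample input for a stand-alone run. */
    const char *sample = "Man";
    char *enc = base64_encode_safe((const unsigned char *)sample, strlen(sample));
    if (enc != NULL) {
        printf("%s -> %s\n", sample, enc);
        free(enc);
    }
    /* Show the wrap in the unchecked formula for a large 32-bit length. */
    printf("unchecked size for 0xFFFFFFF0: %u\n",
           base64_encoded_size_unchecked(0xFFFFFFF0u));
    return 0;
}
```

The point for reviewers is the comparison: the unchecked helper silently returns a wrapped size for a long input, while the checked helper returns 0 and the encoder refuses to proceed, so no buffer is allocated from a wrapped value. Audits for this class of bug look for exactly this pattern, a size derived from attacker-controlled length arithmetic with no range check before allocation.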
--- Begin Message ---
Version: 2.2.101-1

On Monday, 16.03.2009, 19:56 -0400, Michael Gilbert wrote:
> package: libsoup
> severity: grave
> tags: security
> 
> it has been found that libsoup is vulnerable to an integer overflow
> attack, see CVE-2009-0585 [1].  details are:
> 
>   Integer overflow in the soup_base64_encode function in soup-misc.c in
>   libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows
>   context-dependent attackers to execute arbitrary code via a long
>   string that is converted to a base64 representation.
> 
> since this allows remote attackers to execute arbitrary code, it
> should be treated with high urgency.

This is fixed already in version 2.2.101-1 which is also in stable by
using the GLib functions (which are still vulnerable in stable but I've
contacted the security team already).

Attachment: signature.asc
Description: This is a digitally signed message part


--- End Message ---