Your message dated Sun, 24 Jan 2010 13:03:39 +0100
with message-id <4b5c371b.8040...@gmail.com>
and subject line Re: Bug#566002: CVE-2010-0001: integer underflow
has caused the Debian Bug report #566002,
regarding CVE-2010-0001: integer underflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
566002: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566002
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gzip
Version: 1.3.12-8
Severity: grave
Tags: security patch
Hi Bdale, Carl
Carl, I saw too late that you're a new co-maintainer so I only
forwarded the pre-notification to Bdale (who is probably busy at LCA).
i
the following CVE (Common Vulnerabilities & Exposures) id was
published for gzip and is still open for unstable/testing.
CVE-2010-0001[0] (from the DSA text):
Aki Helin discovered an integer underflow when decompressing files that
are compressed using the LZW algorithm. This could lead to the execution
of arbitrary code when trying to decompress a crafted LZW compressed
gzip archive.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
I am available for NMU/sponsoring, in case you're still busy, just drop
me a line, please.
Cheers
Steffen
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
http://security-tracker.debian.org/tracker/CVE-2010-0001
patch:
--- gzip-1.3.12.orig/unlzw.c
+++ gzip-1.3.12/unlzw.c
@@ -248,7 +248,8 @@
int o;
resetbuf:
- e = insize-(o = (posbits>>3));
+ o = posbits >> 3;
+ e = o <= insize ? insize - o : 0;
for (i = 0 ; i < e ; ++i) {
inbuf[i] = inbuf[i+o];
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Version: 1.3.12-9
This bug was fixed in the package but the bug number was not mentioned
in the changelog.
- --
=Do-
N.AND
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAktcNxsACgkQrdZ2oYS0I7Iu/wCfeMSVZJUP0sCY8RXZWwMbtN8G
yT4AoMGPgaBKRrkcYk5gG9zOZoVRzsYf
=MhuY
-----END PGP SIGNATURE-----
--- End Message ---
