Your message dated Fri, 29 Jan 2010 13:47:41 +0000
with message-id <e1narch-0002t2...@ries.debian.org>
and subject line Bug#550389: fixed in hybserv 1.9.2-4.1
has caused the Debian Bug report #550389,
regarding hybserv: misparsing when sent commands with tabs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
550389: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: hybserv
Version: 1.9.2-4
Severity: important
Tags: patch

Hi,

sending 'PRIVMSG memoserv :help \t' crashes hybserv.
GiveHelp is called with command="\t", so SplitBuf(command, &cav) at
helpserv.c:365 returns 0, and the next line calls strlcpy() with src ==
NULL.
I fixed this by replacing "while (*buf == ' ')" with "while
(IsSpace(*buf))" in mystring.c:145.  This way the first parsing in
ms_process() returns 1, and m_help() calls GiveHelp with command ==
NULL, avoiding the crash.
All of mystring.c, memoserv.c and helpserv.c seem to be unchanged
between 1.9.2 and 1.9.4 so I'm pretty sure it's not fixed in any
upstream release.

Cheers,
Julien

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



--- End Message ---
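
The failure described in the report above, as an added C example that is not hybserv's code and not part of the original report: a simplified two-stage parser in which a space-only separator skip lets a help topic of "\t" reach the lookup stage, which then finds no word to copy. The function names, the `fixed` switch and the return codes are assumptions made for illustration; the `-1` guard on an empty topic is an added defensive check that the report does not describe.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Skip separators. fixed=0: only ' ' (the pre-patch test).
 * fixed=1: any whitespace (the effect of switching to IsSpace()). */
static char *skip_sep(char *p, int fixed)
{
    while (fixed ? isspace((unsigned char)*p) : *p == ' ')
        p++;
    return p;
}

/* Stage 1 (hypothetical): cut "<command> <argument>" in place and return
 * the argument, or NULL when nothing follows the command word. */
static char *command_arg(char *line, int fixed)
{
    char *p = skip_sep(line, fixed);
    while (*p && !isspace((unsigned char)*p))
        p++;
    if (*p) *p++ = '\0';
    return *(p = skip_sep(p, fixed)) ? p : NULL;
}

/* Stage 2 (hypothetical): copy the first word of the help topic to out.
 * Returns 0 = general help, 1 = topic copied, -1 = topic holds no word
 * (the point where the unchecked code copied from a NULL pointer). */
static int give_help(char *topic, int fixed, char *out, size_t outlen)
{
    if (topic == NULL) return 0;
    char *word = skip_sep(topic, fixed);
    size_t len = 0;
    while (word[len] && !isspace((unsigned char)word[len]))
        len++;
    if (len == 0) return -1;     /* added guard: zero tokens, nothing to copy */
    snprintf(out, outlen, "%.*s", (int)len, word);
    return 1;
}

/* Run both stages on a constructed message body. */
static int handle(const char *msg, int fixed, char *out, size_t outlen)
{
    char line[64];
    snprintf(line, sizeof line, "%s", msg);
    return give_help(command_arg(line, fixed), fixed, out, outlen);
}

int main(void)
{
    char out[32] = "";
    printf("space-only skip: %d\n", handle("help \t", 0, out, sizeof out));
    printf("whitespace skip: %d\n", handle("help \t", 1, out, sizeof out));
    return 0;
}
```

With the whitespace-aware skip, the tab never becomes a topic and the request falls through to general help; the empty-topic guard covers any other caller that passes whitespace-only input.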
--- Begin Message ---
Source: hybserv
Source-Version: 1.9.2-4.1

We believe that the bug you reported is fixed in the latest version of
hybserv, which is due to be installed in the Debian FTP archive:

hybserv_1.9.2-4.1.diff.gz
  to main/h/hybserv/hybserv_1.9.2-4.1.diff.gz
hybserv_1.9.2-4.1.dsc
  to main/h/hybserv/hybserv_1.9.2-4.1.dsc
hybserv_1.9.2-4.1_i386.deb
  to main/h/hybserv/hybserv_1.9.2-4.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 550...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <wh...@debian.org> (supplier of updated hybserv package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 29 Jan 2010 14:30:27 +0100
Source: hybserv
Binary: hybserv
Architecture: source i386
Version: 1.9.2-4.1
Distribution: unstable
Urgency: high
Maintainer: Aurélien GÉRÔME <a...@roxor.cx>
Changed-By: Steffen Joeris <wh...@debian.org>
Description: 
 hybserv    - IRC services for IRCD-Hybrid
Closes: 550389
Changes: 
 hybserv (1.9.2-4.1) unstable; urgency=high
 .
   * Non-maintainer upload by the security team
   * Fix DoS via commands with tabs (Closes: #550389)
     Fixes: CVE-2010-0303
   * Add db_stop into hybserv.postinst to avoid that the postinst script
     hangs due to open debconf file descriptors
     Thanks to Julien Cristau
Checksums-Sha1: 
 7ced83be9e24e62d817c85af03a3942d6ab2336b 980 hybserv_1.9.2-4.1.dsc
 e7dadf556b43cc4ed1c2ac279ac0afa20e2b1db1 12946 hybserv_1.9.2-4.1.diff.gz
 8432987fde84342ddc728266dd3e0013bd7186c4 212000 hybserv_1.9.2-4.1_i386.deb
Checksums-Sha256: 
 339e87560ffd8c9dbf8d5eee839d6107043be6ee5ef70b798a0420893d2ffd57 980 hybserv_1.9.2-4.1.dsc
 131ac9243089630ad556bce67ab4c1e4a387659616e57038623b0c22b217fee5 12946 hybserv_1.9.2-4.1.diff.gz
 a6593da4598d2d9b1341c624cfc139d7d7995fbbf4fad8dff01e3246f489d18b 212000 hybserv_1.9.2-4.1_i386.deb
Files: 
 57bb4ed34dfb0bfd41e16d007819bf7c 980 net extra hybserv_1.9.2-4.1.dsc
 f0c32f632f67779c7cfbb3d66ceea232 12946 net extra hybserv_1.9.2-4.1.diff.gz
 c45860d825c29f039833381255efd821 212000 net extra hybserv_1.9.2-4.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkti5DEACgkQ62zWxYk/rQdArgCfa6/LAkDkqxDd2nzsLkxcEvbV
1okAn3TqILfkTdIYyrI3qtzrHheN0C8F
=e8ve
-----END PGP SIGNATURE-----



--- End Message ---
