Your message dated Sat, 02 Mar 2013 19:02:04 +0000
with message-id <[email protected]>
and subject line Bug#700098: fixed in cfingerd 1.4.3-3+squeeze1
has caused the Debian Bug report #700098,
regarding cfingerd: CVE-2013-1049 remote buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
700098: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700098
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cfingerd
Version: 1.4.3-3
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu raring ubuntu-patch
*** /tmp/tmpntc4Ea/bug_body
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY UPDATE: fix buffer overflow in rfc1413 (ident) client
(LP: #1104425).
- CVE-2013-1049
This vulnerability to have been introduced by the following:
* Applied IPv6 patch from Mats Erik Andersson
<[email protected]> (closes: Bug#570024)
See dowstream bug report for more information:
https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425
Thanks for considering the patch.
-- System Information:
Debian Release: wheezy/sid
APT prefers quantal-updates
APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500,
'quantal-proposed'), (500, 'quantal'), (100, 'quantal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.5.0-23-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u cfingerd-1.4.3/debian/changelog cfingerd-1.4.3/debian/changelog
diff -u cfingerd-1.4.3/src/rfc1413.c cfingerd-1.4.3/src/rfc1413.c
--- cfingerd-1.4.3/src/rfc1413.c
+++ cfingerd-1.4.3/src/rfc1413.c
@@ -25,7 +25,9 @@
* the implementation. Completely rewritten by yours truly to be self-
* contained in a single program. Simple, easy to use.
*/
-#define BUFLEN (2 * INET6_ADDRSTRLEN)
+#define UNAMELEN 64
+#define BUFLEN UNAMELEN + INET6_ADDRSTRLEN + 2
+#define INPUTLEN 256
char *get_rfc1413_data(struct sockaddr_storage * local_addr,
struct sockaddr_storage * peer_addr )
{
@@ -34,7 +36,7 @@
struct sockaddr_storage sin;
struct sockaddr_in *sa4 = (struct sockaddr_in *) &sin;
struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &sin;
- char buffer[1024], buf[BUFLEN], uname[64], *bleah;
+ char buffer[1024], buf[INPUTLEN], uname[UNAMELEN], *bleah;
char *cp, *xp;
struct servent *serv;
--- End Message ---
--- Begin Message ---
Source: cfingerd
Source-Version: 1.4.3-3+squeeze1
We believe that the bug you reported is fixed in the latest version of
cfingerd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated cfingerd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 27 Feb 2013 21:30:04 +0100
Source: cfingerd
Binary: cfingerd
Architecture: source amd64
Version: 1.4.3-3+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Martin Schulze <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
cfingerd - configurable finger daemon
Closes: 700098
Changes:
cfingerd (1.4.3-3+squeeze1) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* [SECURITY] CVE-2013-1049: fix buffer overflow in rfc1413 (ident) client.
Thanks to Malcolm Scott <[email protected]> and Marc Deslauriers
<[email protected]> (Closes: #700098) (LP: #1104425)
Checksums-Sha1:
ac5d9d4c679d41f86d08e7f3f88bd5dba4241559 1625 cfingerd_1.4.3-3+squeeze1.dsc
47f19ecf667331a480d1c29b546ab0b02dc9008f 99898 cfingerd_1.4.3.orig.tar.gz
9f7824ce1adb9ad9db54e925f9f2924a59eb246c 21383
cfingerd_1.4.3-3+squeeze1.diff.gz
37357ae7fa400111070b1649270b14df2229b049 80190
cfingerd_1.4.3-3+squeeze1_amd64.deb
Checksums-Sha256:
4d8b855770e614d0e29405bfc62a2c34deae2841afe7333abee23c50f28c141f 1625
cfingerd_1.4.3-3+squeeze1.dsc
61b5efdbbe881fe35c39ca243fc11cf52d219a4f61104f1052a900fc7acb0fb0 99898
cfingerd_1.4.3.orig.tar.gz
6102389a72420bcb239a4ba6b206f162759e0a202feb432f064e51fc4b5398f7 21383
cfingerd_1.4.3-3+squeeze1.diff.gz
92cced785a193337c56d645c147cbd09e995d5033a88b5f62a5107150aa864b6 80190
cfingerd_1.4.3-3+squeeze1_amd64.deb
Files:
4ff4884e8cbfb37f970151e5f0a477ad 1625 net extra cfingerd_1.4.3-3+squeeze1.dsc
fe9365f811624248aa3df52c4a832fc7 99898 net extra cfingerd_1.4.3.orig.tar.gz
8ddecbcfcc52599032f72c38c6de8173 21383 net extra
cfingerd_1.4.3-3+squeeze1.diff.gz
0aabf97f019eaa1fb7f66d07d86e67c6 80190 net extra
cfingerd_1.4.3-3+squeeze1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCgAGBQJRL7o6AAoJEHidbwV/2GP+rLQP/1YIz1pFDu4qTTYUN6zIFnKb
Vl0ZmEZH8M5SaT7vX5bSUxEZ8gcykqaiIPoI/VyBWHL03T3r4Ldu+uWu8MTxFWWn
fanJrSok+WqhQCDAyQ0LFS5mSJ/lz24xWiasKhjjW/MQLM51yYtH5QKN+SdjtUjp
lH/W9AlyaJ2LHBSS3bjeId6SLqr7PGBI2JcnkNwyLxv722VGp2WzmLH8HqjWewjH
6K5a/H8vkfpMVx5pZKgQ+49vlrsl+ccowm40MS6HCbhXcQYEpoGrekY/2fuPJuyr
6Q+4v8HP1ak2QCBYeZh+YyBloH7wiQPLxprDDAEyPwtGt4FuEm19s0V9p9uOs9MB
H/rQTpOHnc3fAAwhVP+v2Wcm/QJtVUe9hNG28TCURHzxkyAFJ8vy1+Z9JNSnl8f+
Io3m+0GlPfKKNZ+cI4SO0rLmJBiEtD7lfqCD5qa+TyEby0S3nwa9KClZM6pnuyO4
rJRe6CYiVQ96ux6FfUX3wVpPtg+qpim0aKK1RtZRKXdoW+8qk26TPSeDiYtEfm37
7s55VCJt+2sSxkPhjxCyw3lG1cmhlP68X67t0kRLAIifJpZlwr1LMiPaqOV4Por3
9XUKaaML1CPpPNDl+XBw27aIJi7veGhtjmLKhJCU2L8iqyOUGXnmApMN/tBmIvX7
qElmNZ5/IUAQpWYGdeQu
=Vuv2
-----END PGP SIGNATURE-----
--- End Message ---
