Your message dated Fri, 21 Apr 2017 17:04:12 +0000
with message-id <[email protected]>
and subject line Bug#854804: fixed in sane-backends 1.0.25-4
has caused the Debian Bug report #854804,
regarding saned: CVE-2017-6318: SANE_NET_CONTROL_OPTION response packet may 
contain memory contents of the server
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
854804: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854804
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sane-utils
Version: 1.0.25-3
Severity: grave
Tags: security upstream
Justification: user security hole

Dear Maintainer,

When saned receives a SANE_NET_CONTROL_OPTION packet with value_type ==
SANE_TYPE_STRING and value_size larger than the actual length of the
requested string, the response packet from the server contains a string
object as long as value_size in the request. The bytes following the
actual string appear to contain memory contents from the server.

It may be possible to trigger this bug with other packet types, but I
have not verified this.

I have previously filed a bug in the SANE bug tracker on Alioth
(#315576), but I received no response.


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.8.0-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sane-utils depends on:
ii  adduser                3.115
ii  debconf [debconf-2.0]  1.5.60
ii  init-system-helpers    1.47
ii  libavahi-client3       0.6.32-2
ii  libavahi-common3       0.6.32-2
ii  libc6                  2.24-9
ii  libieee1284-3          0.2.11-13
ii  libjpeg62-turbo        1:1.5.1-2
ii  libpng16-16            1.6.28-1
ii  libsane                1.0.25-3
ii  libsystemd0            232-6
ii  libusb-1.0-0           2:1.0.21-1
ii  lsb-base               9.20161125
ii  update-inetd           4.44

sane-utils recommends no packages.

Versions of packages sane-utils suggests:
ii  avahi-daemon  0.6.32-2
pn  unpaper       <none>

-- debconf information excluded

--- End Message ---
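The length confusion described in the report above, modelled in C as an added example. This is not saned's code and not the upstream patch; the arena allocator, the option and reply structs and the `probe` helper are all constructed here. The arena is pre-filled with a sentinel byte so that stale memory is recognisable in a reply. `reply_unchecked` sizes the reply by the client's `value_size` and writes only the string into it, which is the behaviour the reporter observed; `reply_checked` validates `value_size` against the option descriptor's size (the role `SANE_Option_Descriptor.size` plays in the real API) before any buffer is sized by it, and initialises the whole reply buffer.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the server's heap. It is filled with 'S' (standing
 * in for sensitive server data) so that any unwritten byte in a reply is
 * visible, which a real malloc() would not guarantee. */
#define ARENA_SIZE 256
static unsigned char arena[ARENA_SIZE];
static size_t arena_used;

static void arena_reset(void)
{
    memset(arena, 'S', sizeof arena);
    arena_used = 0;
}

static unsigned char *arena_alloc(size_t n)
{
    if (n > ARENA_SIZE - arena_used) return NULL;
    unsigned char *p = arena + arena_used;
    arena_used += n;
    return p;                       /* deliberately not cleared, like malloc() */
}

/* A string option as the server holds it. 'size' plays the role of
 * SANE_Option_Descriptor.size: capacity of the value buffer in bytes,
 * terminating NUL included. */
typedef struct {
    size_t size;
    const char *value;
} string_option;

/* Reply payload for SANE_NET_CONTROL_OPTION (a model, not the wire format). */
typedef struct {
    int accepted;                   /* 0 = request rejected, nothing sent */
    size_t value_size;              /* bytes of value payload */
    unsigned char *value;           /* points into the arena */
} control_reply;

/* Unchecked variant: the reply is sized by the client's value_size and
 * only strlen()+1 bytes of it are ever written. */
control_reply reply_unchecked(const string_option *opt, size_t value_size)
{
    control_reply r = {0, 0, NULL};
    r.value = arena_alloc(value_size);
    if (!r.value) return r;
    size_t len = strlen(opt->value) + 1;
    memcpy(r.value, opt->value, len < value_size ? len : value_size);
    r.accepted = 1;
    r.value_size = value_size;
    return r;
}

/* Hardened variant: value_size is checked against the descriptor before
 * it sizes anything, and every byte of the reply buffer is initialised. */
control_reply reply_checked(const string_option *opt, size_t value_size)
{
    control_reply r = {0, 0, NULL};
    if (value_size == 0 || value_size > opt->size) return r;   /* reject */
    r.value = arena_alloc(value_size);
    if (!r.value) return r;
    memset(r.value, 0, value_size);
    size_t len = strlen(opt->value);
    if (len >= value_size) len = value_size - 1;   /* keep the NUL terminator */
    memcpy(r.value, opt->value, len);
    r.accepted = 1;
    r.value_size = value_size;
    return r;
}

/* Bytes after the string's NUL terminator that are non-zero: data the
 * client receives that carries no option value at all. */
size_t leaked_bytes(const control_reply *r)
{
    if (!r->accepted) return 0;
    size_t i = 0, n = 0;
    while (i < r->value_size && r->value[i] != 0) i++;   /* bounded strlen */
    for (i = i + 1; i < r->value_size; i++)
        if (r->value[i] != 0) n++;
    return n;
}

/* Runs one request against a fresh arena. Returns the number of
 * non-option bytes the client would receive, or -1 if rejected. */
long probe(int hardened, size_t opt_size, const char *value, size_t requested)
{
    arena_reset();
    string_option opt = {opt_size, value};
    control_reply r = hardened ? reply_checked(&opt, requested)
                               : reply_unchecked(&opt, requested);
    return r.accepted ? (long)leaked_bytes(&r) : -1;
}

int main(void)
{
    /* Option value "hello" in a 16-byte option; client asks for 32 bytes. */
    printf("unchecked, oversized request: %ld stale bytes\n", probe(0, 16, "hello", 32));
    printf("checked,   oversized request: %ld (rejected)\n", probe(1, 16, "hello", 32));
    printf("checked,   exact request:     %ld stale bytes\n", probe(1, 16, "hello", 16));
    return 0;
}
```

The two defences are independent and both matter: rejecting a `value_size` beyond the descriptor's size stops the request from dictating the reply's length, and zero-filling the reply buffer means that even a reply padded out to the descriptor size never carries bytes the server did not intend to send.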
--- Begin Message ---
Source: sane-backends
Source-Version: 1.0.25-4

We believe that the bug you reported is fixed in the latest version of
sane-backends, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jörg Frings-Fürst <[email protected]> (supplier of updated 
sane-backends package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 19 Apr 2017 12:07:38 +0200
Source: sane-backends
Binary: sane-utils libsane-common libsane libsane-dev libsane-dbg
Architecture: source all amd64
Version: 1.0.25-4
Distribution: sid
Urgency: medium
Maintainer: Jörg Frings-Fürst <[email protected]>
Changed-By: Jörg Frings-Fürst <[email protected]>
Description:
 libsane    - API library for scanners
 libsane-common - API library for scanners -- documentation and support files
 libsane-dbg - API development library for scanners [debug symbols]
 libsane-dev - API development library for scanners [development files]
 sane-utils - API library for scanners -- utilities
Closes: 854804
Changes:
 sane-backends (1.0.25-4) unstable; urgency=medium
 .
   * CVE-2017-6318:
     - New debian/patches/0500-CVE-2017-6318.patch
       + cherry-picked from upstream to fix memory corruption and
         information leakage (Closes: #854804).
Checksums-Sha1:
 87ec5495e8d612aad027ee494cbc4a0d6da7ced8 2483 sane-backends_1.0.25-4.dsc
 9e539a8d188b423385175fd6902a86acd17486d7 111916 sane-backends_1.0.25-4.debian.tar.xz
 118a68870874230bd79c4744539cd869d50fc582 1012304 libsane-common_1.0.25-4_all.deb
 4000b0ec59ca99b8f633d08f3dbed1b25cefbe1d 7044372 libsane-dbg_1.0.25-4_amd64.deb
 5ae402a98fbcb231234b5452deb8db334afe6c21 2268916 libsane-dev_1.0.25-4_amd64.deb
 d45c864e948133bbe23b09d7608e875404bdeda6 2112160 libsane_1.0.25-4_amd64.deb
 f82e31b8c287d24332f8effd022de07617ca8bc9 10456 sane-backends_1.0.25-4_amd64.buildinfo
 196b1a9d4f662bee0da0c904b1a1d5503a3aed6f 224860 sane-utils_1.0.25-4_amd64.deb
Checksums-Sha256:
 4e1b29bd7ee3a53927b12d977636925fd3b5cc9aaf84b226a12abc403abdb3da 2483 sane-backends_1.0.25-4.dsc
 a8dc4d6c377e31b5317fd2f5a28c321c6f212bfe3e8e3957ab1e26a5df9be6ac 111916 sane-backends_1.0.25-4.debian.tar.xz
 a3e74838f9f5090bba717e7fbf3085d7c492104ca3a73a00c6cf4a1ee31bef3b 1012304 libsane-common_1.0.25-4_all.deb
 587fb44ee003a1260f55bff589bc27cf0ac2fee8c3b28f37391ee6888d0c3f76 7044372 libsane-dbg_1.0.25-4_amd64.deb
 c3bde207d8227c8a696d2557d3e11e2d4ef37e96f87f9b0fe4b5df270db4a160 2268916 libsane-dev_1.0.25-4_amd64.deb
 6374ae8b147b02088a0316e742b05530861f3a02a5f5018df551556c4ee89221 2112160 libsane_1.0.25-4_amd64.deb
 67b34404589a78ff147a0ea6db2a2f266643d8d0bb75af06b1fe1b46b9c90a9a 10456 sane-backends_1.0.25-4_amd64.buildinfo
 33e46c78d9f905f7aec9875936e6e8d34c9ff2a5e919ae5fb0685fc2c28a206b 224860 sane-utils_1.0.25-4_amd64.deb
Files:
 acf2151d38381b820a0ac2010d8e0a66 2483 graphics optional sane-backends_1.0.25-4.dsc
 c1c5f8dc218505210dac623a4ce1926d 111916 graphics optional sane-backends_1.0.25-4.debian.tar.xz
 ce2a85f5502279d3d97d41e347258696 1012304 libs optional libsane-common_1.0.25-4_all.deb
 df5e47046e0e7f704118ffd9c3bce874 7044372 debug extra libsane-dbg_1.0.25-4_amd64.deb
 43403de32daa7558ec850addc6f853d4 2268916 libdevel optional libsane-dev_1.0.25-4_amd64.deb
 9a1ebedc9365b89ca5de54667a0d6b9a 2112160 libs optional libsane_1.0.25-4_amd64.deb
 b486f4598d98e2269976d374ba9ac38b 10456 graphics optional sane-backends_1.0.25-4_amd64.buildinfo
 f31f68c60fe3f6d92f330fc397bffb93 224860 graphics optional sane-utils_1.0.25-4_amd64.deb

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

--- End Message ---
