Your message dated Tue, 27 Feb 2007 17:47:04 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#408530: fixed in isdnutils 1:3.9.20060704-3 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: libcapi20-3 Version: 1:3.9.20060704-2.2 Severity: important the bufprint routine used by capi_cmsg2str does an unbounded vsprintf into a 8192 byte buffer, perhaps hoping it's big enough. It isn't. Looks like someone needs some vsnprintf like training wheels. (around line 898 in "convert.c") #4 0xb7c9e811 in raise () from /lib/tls/i686/cmov/libc.so.6 #5 0xb7c9ffb9 in abort () from /lib/tls/i686/cmov/libc.so.6 #6 0xb6bbf21c in bufprint (fmt=0xb6bc061f " %02x") at convert.c:910 #7 0xb6bbf63f in protocol_message_2_pars (cmsg=0xb69d4234, level=2) at convert.c:927 #8 0xb6bbf34c in protocol_message_2_pars (cmsg=0xb69d4234, level=1) at convert.c:1003 #9 0xb6bbf722 in capi_cmsg2str (cmsg=0xb69d4234) at convert.c:1045 #10 0xb6be4d16 in capidev_loop (data=0x0) at chan_capi.c:4051 #11 0x080ed2c0 in dummy_start (data=0x81e6ee8) at utils.c:545 #12 0xb7f16240 in start_thread () from /lib/tls/i686/cmov/libpthread.so.0 #13 0xb7d4132e in clone () from /lib/tls/i686/cmov/libc.so.6 (gdb) frame 7 #7 0xb6bbf63f in protocol_message_2_pars (cmsg=0xb69d4234, level=2) at convert.c:927 927 bufprint(" %02x", *m); (gdb) p p - buf $1 = 8194 (gdb) p *cmsg $2 = {ApplId = 1, Command = 2 '\002', Subcommand = 130 '\202', Messagenumber = 5019, adr = {adrController = 257, adrPLCI = 257, adrNCCI = 257}, AdditionalInfo = CAPI_COMPOSE, B1configuration = 0x0, B1protocol = 0, B2configuration = 0x0, B2protocol = 0, B3configuration = 0x0, B3protocol = 0, BC = 0xb6b4eb5e "\003\200\220�", BChannelinformation = 0xb6b4eb67 "", BProtocol = CAPI_COMPOSE, CalledPartyNumber = 0xb6b4eb5a "", CalledPartySubaddress = 0xb6b4eb5c "", CallingPartyNumber = 0xb6b4eb5b "", CallingPartySubaddress = 0xb6b4eb5d "", CIPmask = 0, CIPmask2 = 0, CIPValue = 16, Class = 0, ConnectedNumber = 0x0, ConnectedSubaddress = 0x0, Data32 = 0, Data64 = 0, DataHandle = 0, DataLength = 0, FacilityConfirmationParameter = 0x0, Facilitydataarray = 0xb6b4eb6a "", FacilityIndicationParameter = 0x0, FacilityRequestParameter = 0x0, FacilityResponseParameters = 0x0, FacilitySelector = 0, Flags = 0, Function = 0, Globalconfiguration = 0x0, HLC = 0xb6b4eb63 "\002\221\201\004", Info = 0, InfoElement = 0x0, InfoMask = 0, InfoNumber = 0, Keypadfacility = 0xb6b4eb68 "", LLC = 0xb6b4eb62 "", ManuData = 0x0, ManuID = 0, NCPI = 0x0, Reason = 0, Reason_B3 = 0, Reject = 0, Useruserdata = 0xb6b4eb69 "", SendingComplete = 0xb6b4eb6b '�' <repeats 127 times>, Data = 0x0, l = 31, p = 14, par = 0xb6bc0bbc "\003\024\016\020\017\021\v)#\004\f(0\0342\001\001", m = 0xb6b4eb4c "\037", buf = '\0' <repeats 179 times>} -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-jh-1 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages libcapi20-3 depends on: ii libc6 2.3.6.ds1-10 GNU C Library: Shared libraries libcapi20-3 recommends no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: isdnutils Source-Version: 1:3.9.20060704-3 We believe that the bug you reported is fixed in the latest version of isdnutils, which is due to be installed in the Debian FTP archive: capiutils_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/capiutils_3.9.20060704-3_amd64.deb ipppd_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/ipppd_3.9.20060704-3_amd64.deb isdnactivecards_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnactivecards_3.9.20060704-3_amd64.deb isdneurofile_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdneurofile_3.9.20060704-3_amd64.deb isdnlog-data_3.9.20060704-3_all.deb to pool/main/i/isdnutils/isdnlog-data_3.9.20060704-3_all.deb isdnlog_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnlog_3.9.20060704-3_amd64.deb isdnutils-base_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnutils-base_3.9.20060704-3_amd64.deb isdnutils-doc_3.9.20060704-3_all.deb to pool/main/i/isdnutils/isdnutils-doc_3.9.20060704-3_all.deb isdnutils-xtools_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnutils-xtools_3.9.20060704-3_amd64.deb isdnutils_3.9.20060704-3.diff.gz to pool/main/i/isdnutils/isdnutils_3.9.20060704-3.diff.gz isdnutils_3.9.20060704-3.dsc to pool/main/i/isdnutils/isdnutils_3.9.20060704-3.dsc isdnutils_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnutils_3.9.20060704-3_amd64.deb isdnvbox_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnvbox_3.9.20060704-3_amd64.deb isdnvboxclient_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnvboxclient_3.9.20060704-3_amd64.deb isdnvboxserver_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/isdnvboxserver_3.9.20060704-3_amd64.deb libcapi20-3_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/libcapi20-3_3.9.20060704-3_amd64.deb libcapi20-dev_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/libcapi20-dev_3.9.20060704-3_amd64.deb pppdcapiplugin_3.9.20060704-3_amd64.deb to pool/main/i/isdnutils/pppdcapiplugin_3.9.20060704-3_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Paul Slootman <[EMAIL PROTECTED]> (supplier of updated isdnutils package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 27 Feb 2007 16:48:24 +0100 Source: isdnutils Binary: isdnvbox isdnlog isdnutils isdneurofile isdnutils-xtools isdnutils-base isdnvboxserver isdnutils-doc isdnactivecards isdnlog-data pppdcapiplugin ipppd libcapi20-dev capiutils isdnvboxclient libcapi20-3 Architecture: source all amd64 Version: 1:3.9.20060704-3 Distribution: unstable Urgency: high Maintainer: Paul Slootman <[EMAIL PROTECTED]> Changed-By: Paul Slootman <[EMAIL PROTECTED]> Description: capiutils - Utilities for CAPI-capable ISDN cards ipppd - PPP daemon for syncPPP over ISDN isdnactivecards - Support utilities for active ISDN cards. isdneurofile - ISDN eurofile transfer tool isdnlog - ISDN connection logger isdnlog-data - data for isdnlog users isdnutils - Most important ISDN-related packages and utilities isdnutils-base - ISDN utilities, the basic (minimal) set isdnutils-doc - Extensive documentation for isdnutils isdnutils-xtools - ISDN utilities that use X isdnvbox - ISDN answering machine, client and server isdnvboxclient - ISDN answering machine, client isdnvboxserver - ISDN answering machine, server libcapi20-3 - libraries for CAPI support libcapi20-dev - libraries for CAPI support pppdcapiplugin - plugin for pppd to communicate with CAPI-capable ISDN cards Closes: 388610 392690 396301 408530 409039 412516 Changes: isdnutils (1:3.9.20060704-3) unstable; urgency=high . * Fix critical bug, potential buffer overflow in capi_cmsg2str, patch from Ben Hutchings. closes:#408530 * Acknowledge NMUs. closes:#392690 * Galician debconf translated added. closes:#412516 * Vietnamese updated. closes:#409039 * Use invoke-rc.d instead of directly calling the init script in isdnutils-base.prerm. closes:#396301 * Remove the explicit sourcing of /usr/share/debconf/confmodule in isdnutils-base.postrm, as now the debhelper thing works properly. closes:#388610 Files: 2cc4ef716457b305653b68a8d5852310 1180 utils extra isdnutils_3.9.20060704-3.dsc aba9ca67b9005cb739e99dff619ff9f8 791021 utils extra isdnutils_3.9.20060704-3.diff.gz a89a24bd1e1c25c69058f0038d7473e5 831392 utils extra isdnlog-data_3.9.20060704-3_all.deb c166e25f7cad64d06ac75c19d82339a7 658236 doc extra isdnutils-doc_3.9.20060704-3_all.deb 1be261fd1e87ea0f1e517058dc906466 30758 utils optional isdnutils_3.9.20060704-3_amd64.deb 8efee3a85722c1c4aac69d2661538786 159818 utils optional isdnutils-base_3.9.20060704-3_amd64.deb d8f37a8e84b4907059d079706ee3522c 47078 x11 extra isdnutils-xtools_3.9.20060704-3_amd64.deb 09ac0f408377116b26db92738c547190 174320 net extra ipppd_3.9.20060704-3_amd64.deb 460f6465f831c5413fb76439f8471629 593808 utils extra isdnlog_3.9.20060704-3_amd64.deb e5064eefa657a01b512026c2562344e8 25470 utils extra isdnvbox_3.9.20060704-3_amd64.deb 70b9ecaad553a7e1b56a889e01533389 69036 utils extra isdnvboxclient_3.9.20060704-3_amd64.deb baa2b6ca4c887fe9d4356661b12d1e6a 142976 utils extra isdnvboxserver_3.9.20060704-3_amd64.deb a992dbf478ec30a5b1d89a60e2c6ed46 84956 net extra capiutils_3.9.20060704-3_amd64.deb ef5692f096228764162658173458b92f 42240 libs extra libcapi20-3_3.9.20060704-3_amd64.deb 6f4ce34cf6b7d9e2598e064af2d4eb76 30660 libdevel extra libcapi20-dev_3.9.20060704-3_amd64.deb c9b5704af9d1b737d0f40ceb467f8b46 142822 net extra pppdcapiplugin_3.9.20060704-3_amd64.deb 69ed0be99953d2bb40d0c1fda5be3183 1652832 utils extra isdnactivecards_3.9.20060704-3_amd64.deb c648c4861fbeca877fbb09b94fd64459 178708 comm extra isdneurofile_3.9.20060704-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFF5GoRutvvqbTW3hMRAt74AJ9q+X6Qig52ovmWpy92b43l8fUy4ACfdcn3 jqW1tNVL6kMqOJCJ2Pxu9+Q= =U3Ew -----END PGP SIGNATURE-----
--- End Message ---
