Bug#914594: marked as done (stretch-pu: package ssh-agent-filter/0.4.2-1)

Sat, 16 Feb 2019 03:43:30 -0800 

Your message dated Sat, 16 Feb 2019 11:36:33 +0000
with message-id <1550316993.21192.50.ca...@adam-barratt.org.uk>
and subject line Closing bugs for updates included in 9.8
has caused the Debian Bug report #914594,
regarding stretch-pu: package ssh-agent-filter/0.4.2-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
914594: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914594
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
User: release.debian....@packages.debian.org
Usertags: pu
Tags: stretch jessie
Severity: normal

bug with potential security implications, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914501

diff -Nru ssh-agent-filter-0.4.2/debian/changelog ssh-agent-filter-0.4.2/debian/changelog
--- ssh-agent-filter-0.4.2/debian/changelog	2016-08-27 23:36:56.000000000 +0200
+++ ssh-agent-filter-0.4.2/debian/changelog	2018-11-24 01:46:12.000000000 +0100
@@ -1,3 +1,9 @@
+ssh-agent-filter (0.4.2-1+deb9u1) stretch; urgency=medium
+
+  * backport fix for two-byte out-of-bounds stack write (Closes: #914501)
+
+ -- Timo Weingärtner <t...@tiwe.de>  Sat, 24 Nov 2018 01:46:12 +0100
+
 ssh-agent-filter (0.4.2-1) unstable; urgency=medium
 
   * New upstream release:
diff -Nru ssh-agent-filter-0.4.2/debian/gbp.conf ssh-agent-filter-0.4.2/debian/gbp.conf
--- ssh-agent-filter-0.4.2/debian/gbp.conf	2016-08-27 23:36:56.000000000 +0200
+++ ssh-agent-filter-0.4.2/debian/gbp.conf	2018-11-24 01:46:12.000000000 +0100
@@ -1,5 +1,5 @@
 [DEFAULT]
 upstream-branch=master
 upstream-tag=%(version)s
-debian-branch=debian
+debian-branch=debian-stretch
 pristine-tar=true
diff -Nru ssh-agent-filter-0.4.2/debian/patches/914501_fix_two-byte_oob_stack_write ssh-agent-filter-0.4.2/debian/patches/914501_fix_two-byte_oob_stack_write
--- ssh-agent-filter-0.4.2/debian/patches/914501_fix_two-byte_oob_stack_write	1970-01-01 01:00:00.000000000 +0100
+++ ssh-agent-filter-0.4.2/debian/patches/914501_fix_two-byte_oob_stack_write	2018-11-24 01:46:12.000000000 +0100
@@ -0,0 +1,26 @@
+Description: fix two-byte out-of-bounds stack write
+ BASE64_ENCODE_LENGTH() calculates the encoded size without padding
+Author: Timo Weingärtner <t...@tiwe.de>
+Origin: upstream, https://git.tiwe.de/ssh-agent-filter.git/commit/?id=87f2de93a6522bbcf17d1960e78641df8ecd85d3
+Bug-Debian: https://bugs.debian.org/914501
+Forwarded: not-needed
+Last-Update: 2018-11-24
+
+--- ssh-agent-filter-0.4.2.orig/ssh-agent-filter.C
++++ ssh-agent-filter-0.4.2/ssh-agent-filter.C
+@@ -116,12 +116,9 @@ string md5_hex (string const & s) {
+ }
+ 
+ string base64_encode (string const & s) {
+-	struct base64_encode_ctx ctx;
+-	base64_encode_init(&ctx);
+-	uint8_t b64[BASE64_ENCODE_LENGTH(s.size())];
+-	auto len = base64_encode_update(&ctx, b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
+-	len += base64_encode_final(&ctx, b64 + len);
+-	return {reinterpret_cast<char const *>(b64), len};
++	uint8_t b64[BASE64_ENCODE_RAW_LENGTH(s.size())];
++	base64_encode_raw(b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
++	return {reinterpret_cast<char const *>(b64), sizeof(b64)};
+ }
+ 
+ void cloexec (int fd) {
diff -Nru ssh-agent-filter-0.4.2/debian/patches/series ssh-agent-filter-0.4.2/debian/patches/series
--- ssh-agent-filter-0.4.2/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ ssh-agent-filter-0.4.2/debian/patches/series	2018-11-24 01:46:12.000000000 +0100
@@ -0,0 +1 @@
+914501_fix_two-byte_oob_stack_write

diff -Nru ssh-agent-filter-0.4/debian/changelog ssh-agent-filter-0.4/debian/changelog
--- ssh-agent-filter-0.4/debian/changelog	2014-10-21 17:40:14.000000000 +0200
+++ ssh-agent-filter-0.4/debian/changelog	2018-11-24 02:01:09.000000000 +0100
@@ -1,3 +1,9 @@
+ssh-agent-filter (0.4-2+deb8u1) jessie; urgency=medium
+
+  * backport fix for two-byte out-of-bounds stack write (Closes: #914501)
+
+ -- Timo Weingärtner <t...@tiwe.de>  Sat, 24 Nov 2018 02:01:09 +0100
+
 ssh-agent-filter (0.4-2) unstable; urgency=medium
 
   * add debian/patches/0001-workaround-FTBFS-caused-by-doko:
diff -Nru ssh-agent-filter-0.4/debian/gbp.conf ssh-agent-filter-0.4/debian/gbp.conf
--- ssh-agent-filter-0.4/debian/gbp.conf	2014-10-21 17:40:14.000000000 +0200
+++ ssh-agent-filter-0.4/debian/gbp.conf	2018-11-24 02:01:09.000000000 +0100
@@ -1,5 +1,5 @@
 [DEFAULT]
 upstream-branch=master
 upstream-tag=%(version)s
-debian-branch=debian
+debian-branch=debian-jessie
 pristine-tar=true
diff -Nru ssh-agent-filter-0.4/debian/patches/914501_fix_two-byte_oob_stack_write ssh-agent-filter-0.4/debian/patches/914501_fix_two-byte_oob_stack_write
--- ssh-agent-filter-0.4/debian/patches/914501_fix_two-byte_oob_stack_write	1970-01-01 01:00:00.000000000 +0100
+++ ssh-agent-filter-0.4/debian/patches/914501_fix_two-byte_oob_stack_write	2018-11-24 02:01:09.000000000 +0100
@@ -0,0 +1,26 @@
+Description: fix two-byte out-of-bounds stack write
+ BASE64_ENCODE_LENGTH() calculates the encoded size without padding
+Author: Timo Weingärtner <t...@tiwe.de>
+Origin: upstream, https://git.tiwe.de/ssh-agent-filter.git/commit/?id=87f2de93a6522bbcf17d1960e78641df8ecd85d3
+Bug-Debian: https://bugs.debian.org/914501
+Forwarded: not-needed
+Last-Update: 2018-11-24
+
+--- ssh-agent-filter-0.4.2.orig/ssh-agent-filter.C
++++ ssh-agent-filter-0.4.2/ssh-agent-filter.C
+@@ -116,12 +116,9 @@ string md5_hex (string const & s) {
+ }
+ 
+ string base64_encode (string const & s) {
+-	struct base64_encode_ctx ctx;
+-	base64_encode_init(&ctx);
+-	uint8_t b64[BASE64_ENCODE_LENGTH(s.size())];
+-	auto len = base64_encode_update(&ctx, b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
+-	len += base64_encode_final(&ctx, b64 + len);
+-	return {reinterpret_cast<char const *>(b64), len};
++	uint8_t b64[BASE64_ENCODE_RAW_LENGTH(s.size())];
++	base64_encode_raw(b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
++	return {reinterpret_cast<char const *>(b64), sizeof(b64)};
+ }
+ 
+ void cloexec (int fd) {
diff -Nru ssh-agent-filter-0.4/debian/patches/series ssh-agent-filter-0.4/debian/patches/series
--- ssh-agent-filter-0.4/debian/patches/series	2014-10-21 17:40:14.000000000 +0200
+++ ssh-agent-filter-0.4/debian/patches/series	2018-11-24 02:01:09.000000000 +0100
@@ -1 +1,2 @@
 0001-workaround-FTBFS-caused-by-doko
+914501_fix_two-byte_oob_stack_write

Attachment: signature.asc
Description: This is a digitally signed message part.


--- End Message ---
--- Begin Message --- 
Version: 9.8

Hi,

The update referenced by each of these bugs was included in this
morning's stretch point release.

Regards,

Adam

--- End Message ---

Reply via email to