Package: release.debian.org Severity: normal Tags: bullseye User: release.debian....@packages.debian.org Usertags: pu
Dear release team, I have prepared a fix for bullseye, fixing CVE-2021-43618. The fix was also successfully fixed in unstable and testing. Gitlab-CI is employed for the package testing. Diff is aattached. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable Thanks Anton
diff -Nru gmp-6.2.1+dfsg/debian/changelog gmp-6.2.1+dfsg/debian/changelog --- gmp-6.2.1+dfsg/debian/changelog 2020-11-15 19:04:37.000000000 +0100 +++ gmp-6.2.1+dfsg/debian/changelog 2021-11-23 21:37:19.000000000 +0100 @@ -1,3 +1,10 @@ +gmp (2:6.2.1+dfsg-1+deb11u1) bullseye; urgency=medium + + * [ba91bc2] Add .gitlab-ci.yml + * [a848ad6] Avoid bit size overflows. CVE-2021-43618 + + -- Anton Gladky <gl...@debian.org> Tue, 23 Nov 2021 21:37:19 +0100 + gmp (2:6.2.1+dfsg-1) unstable; urgency=medium [ Steve Robbins ] diff -Nru gmp-6.2.1+dfsg/debian/.gitlab-ci.yml gmp-6.2.1+dfsg/debian/.gitlab-ci.yml --- gmp-6.2.1+dfsg/debian/.gitlab-ci.yml 1970-01-01 01:00:00.000000000 +0100 +++ gmp-6.2.1+dfsg/debian/.gitlab-ci.yml 2021-11-23 21:31:26.000000000 +0100 @@ -0,0 +1,6 @@ +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml +variables: + RELEASE: 'bullseye' + SALSA_CI_DISABLE_REPROTEST: 1 + SALSA_CI_DISABLE_BLHC: 1 diff -Nru gmp-6.2.1+dfsg/debian/patches/CVE-2021-43618.patch gmp-6.2.1+dfsg/debian/patches/CVE-2021-43618.patch --- gmp-6.2.1+dfsg/debian/patches/CVE-2021-43618.patch 1970-01-01 01:00:00.000000000 +0100 +++ gmp-6.2.1+dfsg/debian/patches/CVE-2021-43618.patch 2021-11-23 21:36:27.000000000 +0100 @@ -0,0 +1,25 @@ +# Origin: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e +# HG changeset patch +# User Marco Bodrato <bodr...@mail.dm.unipi.it> +# Date 1634836009 -7200 +# Node ID 561a9c25298e17bb01896801ff353546c6923dbd +# Parent e1fd9db13b475209a864577237ea4b9105b3e96e +mpz/inp_raw.c: Avoid bit size overflows + +Index: gmp/mpz/inp_raw.c +=================================================================== +--- gmp.orig/mpz/inp_raw.c ++++ gmp/mpz/inp_raw.c +@@ -88,8 +88,11 @@ mpz_inp_raw (mpz_ptr x, FILE *fp) + + abs_csize = ABS (csize); + ++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) ++ return 0; /* Bit size overflows */ ++ + /* round up to a multiple of limbs */ +- abs_xsize = BITS_TO_LIMBS (abs_csize*8); ++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8); + + if (abs_xsize != 0) + { diff -Nru gmp-6.2.1+dfsg/debian/patches/series gmp-6.2.1+dfsg/debian/patches/series --- gmp-6.2.1+dfsg/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ gmp-6.2.1+dfsg/debian/patches/series 2021-11-15 22:20:32.000000000 +0100 @@ -0,0 +1 @@ +CVE-2021-43618.patch
