Bug#1004267: marked as done (buster-pu: package libpcap/1.8.1-6+deb10u1)

Sat, 26 Mar 2022 05:16:21 -0700 

Your message dated Sat, 26 Mar 2022 12:02:22 +0000
with message-id 
<540de30a27d37c3ff416b94b1adf7ff2a2cab257.ca...@adam-barratt.org.uk>
and subject line Closing requests for updates in 10.12
has caused the Debian Bug report #1004267,
regarding buster-pu: package libpcap/1.8.1-6+deb10u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1004267: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004267
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: Romain Francoise <rfranco...@debian.org>, t...@security.debian.org

  * CVE-2019-15165: Improper PHB header length validation.
    (Closes: #941697)

diff -Nru libpcap-1.8.1/debian/changelog libpcap-1.8.1/debian/changelog
--- libpcap-1.8.1/debian/changelog      2017-12-31 17:56:33.000000000 +0200
+++ libpcap-1.8.1/debian/changelog      2022-01-23 23:00:19.000000000 +0200
@@ -1,3 +1,11 @@
+libpcap (1.8.1-6+deb10u1) buster; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2019-15165: Improper PHB header length validation.
+    (Closes: #941697)
+
+ -- Adrian Bunk <b...@debian.org>  Sun, 23 Jan 2022 23:00:19 +0200
+
 libpcap (1.8.1-6) unstable; urgency=medium
 
   * debian/watch: add pgpsigurlmangle option.
diff -Nru 
libpcap-1.8.1/debian/patches/0001-do-sanity-checks-on-PHB-header-length-before-allocat.patch
 
libpcap-1.8.1/debian/patches/0001-do-sanity-checks-on-PHB-header-length-before-allocat.patch
--- 
libpcap-1.8.1/debian/patches/0001-do-sanity-checks-on-PHB-header-length-before-allocat.patch
        1970-01-01 02:00:00.000000000 +0200
+++ 
libpcap-1.8.1/debian/patches/0001-do-sanity-checks-on-PHB-header-length-before-allocat.patch
        2022-01-23 23:00:07.000000000 +0200
@@ -0,0 +1,53 @@
+From 7ef51510ab5b337cb8b34e1dbe9c9a64fc2c20b9 Mon Sep 17 00:00:00 2001
+From: Michael Richardson <m...@sandelman.ca>
+Date: Fri, 20 Sep 2019 11:02:00 -0400
+Subject: do sanity checks on PHB header length before allocating memory. There
+ was no fault; but doing the check results in a more consistent error
+
+---
+ sf-pcap-ng.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/sf-pcap-ng.c b/sf-pcap-ng.c
+index 0c02829e..860487b7 100644
+--- a/sf-pcap-ng.c
++++ b/sf-pcap-ng.c
+@@ -102,7 +102,7 @@ struct option_header {
+  * Section Header Block.
+  */
+ #define BT_SHB                        0x0A0D0D0A
+-
++#define BT_SHB_INSANE_MAX       1024U*1024U*1U  /* 1MB should be enough */
+ struct section_header_block {
+       bpf_u_int32     byte_order_magic;
+       u_short         major_version;
+@@ -247,7 +247,7 @@ read_bytes(FILE *fp, void *buf, size_t bytes_to_read, int 
fail_on_eof,
+                       if (amt_read == 0 && !fail_on_eof)
+                               return (0);     /* EOF */
+                       pcap_snprintf(errbuf, PCAP_ERRBUF_SIZE,
+-                          "truncated dump file; tried to read %lu bytes, only 
got %lu",
++                          "truncated pcap-ng dump file; tried to read %lu 
bytes, only got %lu",
+                           (unsigned long)bytes_to_read,
+                           (unsigned long)amt_read);
+               }
+@@ -798,11 +798,14 @@ pcap_ng_check_header(bpf_u_int32 magic, FILE *fp, u_int 
precision, char *errbuf,
+       /*
+        * Check the sanity of the total length.
+        */
+-      if (total_length < sizeof(*bhdrp) + sizeof(*shbp) + sizeof(struct 
block_trailer)) {
++      if (total_length < sizeof(*bhdrp) + sizeof(*shbp) + sizeof(struct 
block_trailer) ||
++            (total_length > BT_SHB_INSANE_MAX)) {
+               pcap_snprintf(errbuf, PCAP_ERRBUF_SIZE,
+-                  "Section Header Block in pcap-ng dump file has a length of 
%u < %lu",
++                  "Section Header Block in pcap-ng dump file has invalid 
length %lu < _%u_ < %u (BT_SHB_INSANE_MAX)",
++                  (unsigned long)(sizeof(*bhdrp) + sizeof(*shbp) + 
sizeof(struct block_trailer)),
+                   total_length,
+-                  (unsigned long)(sizeof(*bhdrp) + sizeof(*shbp) + 
sizeof(struct block_trailer)));
++                  BT_SHB_INSANE_MAX);
++
+               *err = 1;
+               return (NULL);
+       }
+-- 
+2.20.1
+
diff -Nru libpcap-1.8.1/debian/patches/series 
libpcap-1.8.1/debian/patches/series
--- libpcap-1.8.1/debian/patches/series 2017-12-31 17:31:01.000000000 +0200
+++ libpcap-1.8.1/debian/patches/series 2022-01-23 23:00:17.000000000 +0200
@@ -8,3 +8,4 @@
 disable-remote.diff
 man-errors.diff
 pcap-config.diff
+0001-do-sanity-checks-on-PHB-header-length-before-allocat.patch

--- End Message ---
--- Begin Message --- 
Package: release.debian.org
Version: 10.12

Hi,

The updates referenced in these requests were included in oldstable as
part of today's 10.12 point release.

Regards,

Adam

--- End Message ---

Reply via email to