Hi -release,

I would like to upload geordi 0:20080725T0146-1+lenny1 to t-p-u to fix a DoS issue. The relevant changelog entry is:

  geordi (0:20080725T0146-1+lenny1) testing-proposed-updates; urgency=low

    * Ignore (rather than allow) fcntl system call to prevent a DoS. Upstream
      writes:

        By using fcntl with F_SETOWN to make the geordi process the owner of its
        stdout and then using fcntl again to set O_ASYNC on stdout, the C++
        program could have the geordi process receive SIGIO, causing it to shut
        down.

        We only allowed fcntl because g++ appeared to need it. Upon closer
        inspection, it turns out g++ only uses it to check some flags on the
        precompiled header fd, and the system call can just be ignored
        altogether.

      Patch backported from upstream darcs repository.

The debdiff is attached to this mail. I will be making the parallel change to sid's version this evening.

Regards,

-- 
      ,''`.
     : :' :     Chris Lamb
     `. `'`     la...@debian.org
       `-
diff --git a/debian/changelog b/debian/changelog index 2382468..5fdc1ec 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,22 @@ +geordi (0:20080725T0146-1+lenny1) testing-proposed-updates; urgency=low + + * Ignore (rather than allow) fcntl system call to prevent a DoS. Upstream + writes: + + By using fcntl with F_SETOWN to make the geordi process the owner of its + stdout and then using fcntl again to set O_ASYNC on stdout, the C++ + program could have the geordi process receive SIGIO, causing it to shut + down. + + We only allowed fcntl because g++ appeared to need it. Upon closer + inspection, it turns out g++ only uses it to check some flags on the + precompiled header fd, and the system call can just be ignored + altogether. + + Patch backported from upstream darcs repository. + + -- Chris Lamb <la...@debian.org> Wed, 28 Jan 2009 21:54:03 +0000 + geordi (0:20080725T0146-1) unstable; urgency=low * New upstream release. diff --git a/debian/control b/debian/control index 34828b0..279c0a5 100644 --- a/debian/control +++ b/debian/control @@ -1,7 +1,7 @@ Source: geordi Section: net Priority: optional -Maintainer: Chris Lamb <ch...@chris-lamb.co.uk> +Maintainer: Chris Lamb <la...@debian.org> Build-Depends: debhelper (>= 5), ghc6 (>= 6.6.1), quilt, libboost-dev, libghc6-parallel-dev, libghc6-mtl-dev, libghc6-regex-compat-dev, libghc6-network-dev, libghc6-irc-dev, libghc6-utf8-string-dev Standards-Version: 3.8.0 Vcs-Git: git://git.chris-lamb.co.uk/pkg-geordi.git diff --git a/debian/patches/04-ignore-fcntl.diff b/debian/patches/04-ignore-fcntl.diff new file mode 100644 index 0000000..d1ed6f9 --- /dev/null +++ b/debian/patches/04-ignore-fcntl.diff 
@@ -0,0 +1,31 @@ +diff -urNad /tmp/bp-build/geordi-20080725T0146.orig/src/EvalCxx.hsc /tmp/bp-build/geordi-20080725T0146/src/EvalCxx.hsc +--- geordi-20080725T0146.orig/src/EvalCxx.hsc 2009-01-28 22:26:57.000000000 +0000 ++++ geordi-20080725T0146/src/EvalCxx.hsc 2009-01-28 22:28:00.000000000 +0000 +@@ -269,8 +269,14 @@ + ignored_syscalls, allowed_syscalls :: [SysCall] + + ignored_syscalls = -- These are effectively replaced with "return 0;". +- [ SYS_chmod, SYS_fadvise64, SYS_unlink, SYS_munmap, SYS_madvise, SYS_umask, SYS_rt_sigaction, SYS_rt_sigprocmask, SYS_ioctl, SYS_setitimer, SYS_vfork {- see "Secure compilation" -} ] ++ [ SYS_chmod, SYS_fadvise64, SYS_unlink, SYS_munmap, SYS_madvise, SYS_umask, SYS_rt_sigaction, SYS_rt_sigprocmask, SYS_ioctl, SYS_setitimer, SYS_vfork {- see "Secure compilation" -} + ++ #ifdef __x86_64__ ++ , SYS_fcntl ++ #else ++ , SYS_fcntl64 ++ #endif ++ ] + allowed_syscalls = + [ SYS_open, SYS_write, SYS_uname, SYS_brk, SYS_read, SYS_mmap, SYS_exit_group, SYS_getpid, SYS_access, SYS_getrusage, SYS_close, SYS_gettimeofday, SYS_time, SYS_writev, SYS_execve, SYS_mprotect, SYS_getcwd, SYS_times + +@@ -279,9 +285,9 @@ + , SYS_getdents64, SYS_pread64, SYS_readv -- for gold + + #ifdef __x86_64__ +- , SYS_stat, SYS_fstat, SYS_arch_prctl, SYS_getrlimit, SYS_fcntl, SYS_lseek, SYS_lstat, SYS_dup ++ , SYS_stat, SYS_fstat, SYS_arch_prctl, SYS_getrlimit, SYS_lseek, SYS_lstat, SYS_dup + #else +- , SYS_fstat64, SYS_lstat64, SYS_stat64, SYS_ugetrlimit, SYS_fcntl64, SYS__llseek, SYS_mmap2, SYS_mremap, SYS_set_thread_area, SYS_readlink ++ , SYS_fstat64, SYS_lstat64, SYS_stat64, SYS_ugetrlimit, SYS__llseek, SYS_mmap2, SYS_mremap, SYS_set_thread_area, SYS_readlink + #endif + ] + diff --git a/debian/patches/series b/debian/patches/series index 573ddbc..7c879e0 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,3 +1,4 @@ 01-jail-config.diff 02-gcc-c++0x-support-missing-unordered-map.diff 03-hsc2hs6.diff +04-ignore-fcntl.diff
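Review bot: in the src/EvalCxx.hsc hunk carried by 04-ignore-fcntl.diff, the new SYS_fcntl / SYS_fcntl64 entries in ignored_syscalls have no comment saying why fcntl is ignored rather than allowed, while SYS_vfork on the same line points to "Secure compilation". A short comment at the new #ifdef recording the F_SETOWN / O_ASYNC SIGIO reason from the changelog would keep someone from moving it back into allowed_syscalls later. Because ignored calls are "effectively replaced with return 0", every fcntl command now reports 0, including flag queries such as F_GETFL; the changelog says g++ only checks some flags on the precompiled header fd, so it is worth confirming that a result of 0 there does not change precompiled header handling.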
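Review bot: the Maintainer change in the debian/control hunk (ch...@chris-lamb.co.uk to la...@debian.org) is not listed in the new changelog entry and is unrelated to the fcntl fix. For a testing-proposed-updates upload, either add a changelog line for it or drop it from this debdiff so the upload contains only the DoS fix.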