Hi release team, the security team deferred patching CVE-2009-1391 to the stable update. This needs to be fixed both in perl and the separate libcompress-raw-zlib-perl. Please let me know if I can upload the latter with the attached debdiff.
Thanks for your work,
-- 
Niko Tyni nt...@debian.org
diff -u libcompress-raw-zlib-perl-2.012/debian/changelog libcompress-raw-zlib-perl-2.012/debian/changelog --- libcompress-raw-zlib-perl-2.012/debian/changelog +++ libcompress-raw-zlib-perl-2.012/debian/changelog @@ -1,3 +1,10 @@ +libcompress-raw-zlib-perl (2.012-1lenny1) stable; urgency=high + + * [SECURITY] CVE-2009-1391: Fix a buffer overflow in inflate(). + (Closes: #532738) + + -- Niko Tyni <nt...@debian.org> Sat, 13 Jun 2009 22:19:41 +0300 + libcompress-raw-zlib-perl (2.012-1) unstable; urgency=low * New upstream release diff -u libcompress-raw-zlib-perl-2.012/debian/patches/series libcompress-raw-zlib-perl-2.012/debian/patches/series --- libcompress-raw-zlib-perl-2.012/debian/patches/series +++ libcompress-raw-zlib-perl-2.012/debian/patches/series @@ -1 +1,2 @@ +CVE-2009-1391 use-debian-zlib.patch only in patch2: unchanged: --- libcompress-raw-zlib-perl-2.012.orig/debian/patches/CVE-2009-1391 +++ libcompress-raw-zlib-perl-2.012/debian/patches/CVE-2009-1391 @@ -0,0 +1,18 @@ +[SECURITY] CVE-2009-1391: Fix a buffer overflow in inflate(). + +Closes: #532738 + +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1391 + +Fix cherry-picked from upstream version 2.017. +--- libcompress-raw-zlib-perl-2.012.orig/Zlib.xs ++++ libcompress-raw-zlib-perl-2.012/Zlib.xs +@@ -1319,7 +1319,7 @@ + while (RETVAL == Z_OK) { + if (s->stream.avail_out == 0 ) { + /* out of space in the output buffer so make it bigger */ +- Sv_Grow(output, SvLEN(output) + bufinc) ; ++ Sv_Grow(output, SvLEN(output) + bufinc +1) ; + cur_length += increment ; + s->stream.next_out = (Bytef*) SvPVbyte_nolen(output) + cur_length ; + increment = bufinc ;
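Review bot: in the debian/patches/series hunk the new entry `CVE-2009-1391` is prepended ahead of `use-debian-zlib.patch` instead of appended; if the two patches touch disjoint files this is harmless, but appending keeps the existing patch order unchanged, which is what you want in a minimal stable update. The new file also lacks the `.patch` suffix that `use-debian-zlib.patch` uses, so naming it `CVE-2009-1391.patch` would keep the series consistent.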
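Review bot: in the Zlib.xs hunk the only change is `Sv_Grow(output, SvLEN(output) + bufinc +1)`, and the patch header gives the symptom (buffer overflow in inflate()) but not the reason the single extra byte is enough; please record in the header that `SvLEN` counts the slot Perl reserves for the trailing NUL, so growing by exactly `bufinc` left one byte less usable space than `avail_out` was later set to. The context lines show `next_out` being re-pointed at `SvPVbyte_nolen(output) + cur_length` after the grow, which is needed because `Sv_Grow` may relocate the buffer, but the line that assigns `avail_out` is outside the hunk, so a short regression test in the stable upload (an inflate whose output lands exactly on a `bufinc` boundary) would make the fix verifiable. Since this is cherry-picked from 2.017, keeping the upstream `+1` spacing verbatim is fine.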