Your message dated Thu, 26 Mar 2015 19:55:15 +0000
with message-id <1427399715.26766.71.ca...@adam-barratt.org.uk>
and subject line Re: Bug#781273: unblock: freexl/1.0.0g-1+deb8u1
has caused the Debian Bug report #781273,
regarding unblock: freexl/1.0.0g-1+deb8u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
781273: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781273
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package freexl
It fixes the security issues reported in #781228.
unblock freexl/1.0.0g-1+deb8u1
diff -Nru freexl-1.0.0g/debian/changelog freexl-1.0.0g/debian/changelog
--- freexl-1.0.0g/debian/changelog 2014-01-14 11:18:36.000000000 +0100
+++ freexl-1.0.0g/debian/changelog 2015-03-26 20:10:54.000000000 +0100
@@ -1,3 +1,12 @@
+freexl (1.0.0g-1+deb8u1) unstable; urgency=high
+
+ * Update my email to @debian.org address.
+ * Specify jessie branch in Vcs-Git field.
+ * Add patch to fix vulnerabilities identified by American Fuzzy Lop.
+ (closes: #781228)
+
+ -- Bas Couwenberg <sebas...@debian.org> Thu, 26 Mar 2015 11:44:10 +0100
+
freexl (1.0.0g-1) unstable; urgency=low
* New upstream release.
diff -Nru freexl-1.0.0g/debian/control freexl-1.0.0g/debian/control
--- freexl-1.0.0g/debian/control 2014-01-14 11:16:41.000000000 +0100
+++ freexl-1.0.0g/debian/control 2015-03-26 20:10:54.000000000 +0100
@@ -1,7 +1,7 @@
Source: freexl
Maintainer: Debian GIS Project <pkg-grass-de...@lists.alioth.debian.org>
Uploaders: David Paleino <da...@debian.org>,
- Bas Couwenberg <sebas...@xs4all.nl>
+ Bas Couwenberg <sebas...@debian.org>
Section: libs
Priority: optional
Build-Depends: debhelper (>= 9~),
@@ -9,7 +9,7 @@
dh-autoreconf
Standards-Version: 3.9.5
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-grass/freexl.git
-Vcs-Git: git://anonscm.debian.org/pkg-grass/freexl.git
+Vcs-Git: git://anonscm.debian.org/pkg-grass/freexl.git -b jessie
Homepage: https://www.gaia-gis.it/fossil/freexl/
Package: libfreexl-dev
diff -Nru freexl-1.0.0g/debian/patches/afl-vulnerabilitities.patch freexl-1.0.0g/debian/patches/afl-vulnerabilitities.patch
--- freexl-1.0.0g/debian/patches/afl-vulnerabilitities.patch 1970-01-01 01:00:00.000000000 +0100
+++ freexl-1.0.0g/debian/patches/afl-vulnerabilitities.patch 2015-03-26 20:10:54.000000000 +0100
@@ -0,0 +1,63 @@
+Description: Fix critical bugs identified by American Fuzzy Lop.
+Origin: https://www.gaia-gis.it/fossil/freexl/fdiff?v1=2e167b337481dda3&v2=61618ce51a9b0c15&sbs=1
+Author: Alessandro Furieri <a.furi...@lqt.it>
+Bug-Debian: https://bugs.debian.org/781228
+
+--- a/src/freexl.c
++++ b/src/freexl.c
+@@ -1068,6 +1068,11 @@ allocate_cells (biff_workbook * workbook
+ unsigned int col;
+ biff_cell_value *p_cell;
+
++ if (workbook == NULL)
++ return FREEXL_NULL_ARGUMENT;
++ if (workbook->active_sheet == NULL)
++ return FREEXL_NULL_ARGUMENT;
++
+ /* allocating the cell values array */
+ workbook->active_sheet->cell_values =
+ malloc (sizeof (biff_cell_value) *
+@@ -1713,6 +1718,11 @@ parse_SST (biff_workbook * workbook, int
+ swap32 (&n_strings);
+ p_string = workbook->record + 8;
+ workbook->shared_strings.string_count = n_strings.value;
++ if (workbook->shared_strings.string_count > 1024 * 1024)
++ {
++ /* unexpected huge count ... cowardly giving up ... */
++ return FREEXL_INSUFFICIENT_MEMORY;
++ }
+ workbook->shared_strings.utf8_strings =
+ malloc (sizeof (char **) * workbook->shared_strings.string_count);
+ for (i_string = 0; i_string < workbook->shared_strings.string_count;
+@@ -3749,6 +3759,8 @@ read_biff_next_record (biff_workbook * w
+ unsigned int already_done;
+ unsigned int chunk =
+ workbook->sector_end - (workbook->p_in - workbook->sector_buf);
++ if (workbook->sector_end <= (workbook->p_in - workbook->sector_buf))
++ return -1;
+ memcpy (workbook->record, workbook->p_in, chunk);
+ workbook->p_in += chunk;
+ already_done = chunk;
+@@ -3825,6 +3837,10 @@ read_mini_biff_next_record (biff_workboo
+ workbook->record_type = record_type.value;
+ workbook->record_size = record_size.value;
+
++ if ((workbook->p_in - workbook->fat->miniStream) + workbook->record_size >
++ (int) workbook->size)
++ return 0; /* unexpected EOF */
++
+ memcpy (workbook->record, workbook->p_in, workbook->record_size);
+ workbook->p_in += record_size.value;
+
+@@ -4062,7 +4078,10 @@ common_open (const char *path, const voi
+ p_sheet->columns += 1;
+ ret = allocate_cells (workbook);
+ if (ret != FREEXL_OK)
+- return ret;
++ {
++ errcode = ret;
++ goto stop;
++ }
+ p_sheet->valid_dimension = 1;
+ workbook->second_pass = 1;
+ }
diff -Nru freexl-1.0.0g/debian/patches/series freexl-1.0.0g/debian/patches/series
--- freexl-1.0.0g/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ freexl-1.0.0g/debian/patches/series 2015-03-26 11:31:43.000000000 +0100
@@ -0,0 +1 @@
+afl-vulnerabilitities.patch
--- End Message ---
--- Begin Message ---
On Thu, 2015-03-26 at 20:23 +0100, Bas Couwenberg wrote:
> Please unblock package freexl
>
> It fixes the security issues reported in #781228.
Unblocked earlier on when I spotted the bug closure. I'm confused as to
why this wasn't 1.0.0g-2, however.
Regards,
Adam
--- End Message ---
