On Sunday, September 08, 2013 17:42:33 you wrote:
> The fixed packages in Debian are flightgear 2.10.0-2 and simgear
> 2.10.0-3, both currently in the build queue.
Both sync'ed. Thanks for working through this and sticking with it.
Scott K
--
You received this bug notification because you are
The fixed packages in Debian are flightgear 2.10.0-2 and simgear
2.10.0-3, both currently in the build queue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077624
Title:
FFe: Update Flightgear to v
OK. Please ping the bug when then are ready and I'll sync from Debian.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077624
Title:
FFe: Update Flightgear to version 2.10.0
To manage notifications
It appears that my "fixes both", which I meant as "2091 for both read()
and readline()", has been misinterpreted as "both 2090 and 2091", with
the result that Saikrishna's simgear 2090 patch was not applied; my
flightgear patch for upstream issue 1117 wasn't applied either.
I.e. there should be th
OK. Uploaded the updated version.
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077624
Title:
FFe: Update Flightgear to version 2.10.0
To manage notifications about this bug go to:
https
Sorry...my previous patch had an off-by-one error. Corrected patch
attached.
** Patch added: "simgear_CVE2012_2091.patch"
https://bugs.launchpad.net/ubuntu/+source/simgear/+bug/1077624/+attachment/3808144/+files/simgear_CVE2012_2091.patch
--
You received this bug notification because you ar
** Patch removed: "simgear_CVE2012_2091.patch"
https://bugs.launchpad.net/ubuntu/+source/simgear/+bug/1077624/+attachment/3806309/+files/simgear_CVE2012_2091.patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launch
I've uploaded an update for simgear with them as well. Sent the patch
to Debian. Thanks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077624
Title:
FFe: Update Flightgear to version 2.10.0
To m
Here's an updated patch that sets length to 0 if length is negative
** Patch removed: "CVE-2012-2091"
https://bugs.launchpad.net/ubuntu/+source/flightgear/+bug/1077624/+attachment/3805988/+files/cve-2012-2091-check-length-of-buffer.patch
** Patch added: "CVE-2012-2091"
https://bugs.launch
Did you apply the security patches (Debian bug http://bugs.debian.org
/cgi-bin/bugreport.cgi?bug=669025 ), and if not is there a reason you
can't? Both Ubuntu's and Debian's 2.10 source look unpatched.
** Bug watch added: Debian Bug tracker #669025
http://bugs.debian.org/cgi-bin/bugreport.cgi?
Sorry, stray bracket.
** Patch removed: "simgear_CVE2012_2091.patch"
https://bugs.launchpad.net/ubuntu/+source/flightgear/+bug/1077624/+attachment/3806302/+files/simgear_CVE2012_2091.patch
** Patch added: "simgear_CVE2012_2091.patch"
https://bugs.launchpad.net/ubuntu/+source/flightgear/+b
There's another CVE for simgear (6699025 was for the one in flightgear):
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669024. There aren't
any patches attached to the bug report, but I made my own patches in an
attempt to address the CVE, which I attached here.
** Bug watch added: Debian Bug t
Rebecca's patches look good to me, too. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077624
Title:
FFe: Update Flightgear to version 2.10.0
To manage notifications about this bug go to:
h
Saikrishna, I don't believe that patch is complete:
+++ simgear/simgear/io/sg_socket_udp.cxx2013-08-04 22:21:16.174132010
-0500
@@ -104,8 +104,9 @@
}
int result;
+int size = length < SG_IO_MAX_MSG_SIZE ? length : SG_IO_MAX_MSG_SIZE;
-if ( (result = sock.recv(buf, SG_
Here's an updated patch that sets length to 0 if length is negative.
This should cause nothing to be read from the socket, right?
** Patch added: "CVE-2012-2091"
https://bugs.launchpad.net/ubuntu/+source/flightgear/+bug/1077624/+attachment/3806188/+files/cve-2012-2091-check-length-of-buffer.pa
The original report doesn't say so but it looks like
SGSocketUDP::readline is vulnerable as well: the attached fixes both.
(I kept the negative-length check but consider it mostly pointless: if
you can't assume length is the correct length of buf, it's impossible to
prevent an overflow.)
** Patch
Also a fix for upstream bug 1117 ( http://code.google.com/p/flightgear-
bugs/issues/detail?id=1117&q=2090&colspec=ID%20Type%20Status%20Priority%20Summary%20Aircraft%20Milestone
), another format string security bug.
Note that neither of these fixes have been tested.
** Patch added: "flightgear_bu
I should have mentioned that the patches were to the best of my ability
and might not address all problems.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077624
Title:
FFe: Update Flightgear to ver
CVE-2012-2091 attached here.
** Patch added: "CVE-2012-2091"
https://bugs.launchpad.net/ubuntu/+source/flightgear/+bug/1077624/+attachment/3805988/+files/cve-2012-2091-check-length-of-buffer.patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscri
You are correct. I'm fixing the Ubuntu package and I reopened the bug
in Debian.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077624
Title:
FFe: Update Flightgear to version 2.10.0
To manage not
This bug was fixed in the package flightgear-data - 2.10.0-1
Sponsored for Thomas Hotz (thotz)
---
flightgear-data (2.10.0-1) experimental; urgency=low
* New upstream release. (Closes: #714260).
* Rename data source and binary packages for clarity - now including
'flightgear'
Ack. Approved. It's out of New in Debian, so please sync it once it's
available.
** Changed in: flightgear-data (Ubuntu)
Status: Confirmed => Triaged
** Changed in: flightgear-data (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a mem
22 matches
Mail list logo
