Your message dated Thu, 09 Dec 2010 23:32:05 +0000
with message-id <[email protected]>
and subject line Bug#605092: fixed in collectd 4.10.1-1+squeeze2
has caused the Debian Bug report #605092,
regarding Denial of Service vulnerability in the RRDtool and RRDCacheD plugins.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
605092: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: collectd
Version: 4.4.2-3
Severity: important
Tags: patch, security, upstream, fixed-upstream

When creating a new RRD file, the RRDtool and RRDCacheD plugins
assert(3) that the timestamp included with a value is greater than 10
(i.e. after January 1st, 1970, 00:00:10 UTC). However, this condition is
not actually checked anywhere, making it possible for this assertion to
fail.

In the common scenario that data is received via the Network plugin and
written to disk via the RRDtool or RRDCacheD plugin, it is easily
possible to trigger this problem by sending a specifically crafted
Network packet. If the Network plugin is configured with the "Sign" or
"Encrypt" "security levels", an attacker needs to know the pre-shared
key to trigger the problem. Other plugins, for example the UnixSock and
Exec plugins, can be used to trigger the problem as well. However,
access to these mechanisms is usually not available to the general
public.

The existence of this problem has only been verified in version
4.10.1-1+squeeze1~bpo50+1 of the package, but the offending code first
appeared in version 4.0.8 of collectd (commit 9d52ed5f). It is therefore
safe to assume that all versions since 4.0.8 are vulnerable, including
version 4.4.2-3 included in Debian Lenny.

The issue has been fixed upstream in commit 11893a7c. The fix is
included in the new upstream versions 4.9.4 and 4.10.2. Porting the fix
back to 4.10.1-1+squeeze1 should be trivial.

Regards,
—octo

[0] <http://git.verplant.org/?p=collectd.git;a=commitdiff;h=11893a7c85389e6d8a07d1ee8473294767c7ccb9>
-- 
Florian octo Forster
Hacker in training
GnuPG: 0x0C705A15
http://octo.it/



--- End Message ---
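The report above boils down to one pattern: assert(3) was used on a field that arrives from the network, so an out-of-range timestamp aborts the whole daemon instead of being rejected. The following is an added example, not collectd's own code and not the upstream fix in commit 11893a7c. It models the "timestamp must be greater than 10" condition from the report with a validation function that returns an error, and feeds it from a constructed packet whose TIME field is zero. The struct sample_t, the functions timestamp_is_valid(), rrd_create_from_sample(), decode_time_part() and process_packet(), and the simplified part layout (2-byte type, 2-byte length, 8-byte big-endian seconds) are assumptions made for the example; the real Network plugin parser, and its Sign/Encrypt levels, are not modelled.

```c
/* Added example (not collectd's code): an input check in place of the
 * assert(vl->time > 10) described in Debian bug #605092.  Struct, part
 * layout and function names are simplified assumptions for illustration. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* The plugins asserted that the value timestamp is greater than 10,
 * i.e. later than 1970-01-01 00:00:10 UTC. */
#define MIN_VALID_TIME 10

typedef struct {
    char   host[64];
    char   plugin[64];
    time_t time;
    double value;
} sample_t;

/* Hardened check: returns 0 if the timestamp is usable, -1 if the sample
 * must be dropped.  Untrusted input is validated, never asserted on. */
int timestamp_is_valid(time_t t)
{
    return (t > MIN_VALID_TIME) ? 0 : -1;
}

/* Stand-in for the RRD "create file" path.  The vulnerable original did
 * assert(vl->time > 10) here, which aborts the daemon when it is false.
 * Returns 0 on success, -1 if the sample was rejected.  Only the file
 * name is computed; no file is written. */
int rrd_create_from_sample(const sample_t *s, char *out, size_t outlen)
{
    if (timestamp_is_valid(s->time) != 0) {
        fprintf(stderr, "rrdtool plugin: dropping sample %s/%s: "
                "timestamp %lld is not > %d\n",
                s->host, s->plugin, (long long)s->time, MIN_VALID_TIME);
        return -1;
    }
    snprintf(out, outlen, "%s/%s.rrd", s->host, s->plugin);
    return 0;
}

/* Assumed simplified part layout: 2-byte big-endian type, 2-byte big-endian
 * total length (header included), payload.  TIME carries 8-byte BE seconds. */
#define PART_TIME 0x0001

/* Decode one TIME part into s->time.  Returns 0 on success, -1 if the
 * buffer is too short or is not a well-formed TIME part. */
int decode_time_part(const uint8_t *buf, size_t len, sample_t *s)
{
    if (len < 12) return -1;
    uint16_t type = (uint16_t)((buf[0] << 8) | buf[1]);
    uint16_t plen = (uint16_t)((buf[2] << 8) | buf[3]);
    if (type != PART_TIME || plen != 12) return -1;
    uint64_t t = 0;
    for (int i = 0; i < 8; i++) t = (t << 8) | buf[4 + i];
    s->time = (time_t)t;
    return 0;
}

/* Process one constructed packet: decode the TIME part, then run the RRD
 * path.  Returns 0 if the sample was accepted, -1 if it was dropped. */
int process_packet(const uint8_t *buf, size_t len, char *out, size_t outlen)
{
    sample_t s;
    memset(&s, 0, sizeof s);
    strncpy(s.host, "host1", sizeof s.host - 1);   /* constructed identity */
    strncpy(s.plugin, "load", sizeof s.plugin - 1);
    s.value = 0.5;
    if (decode_time_part(buf, len, &s) != 0) return -1;
    return rrd_create_from_sample(&s, out, outlen);
}

int main(void)
{
    /* Constructed packets: one with a plausible 2010 timestamp, and a
     * crafted one whose TIME value is 0, which tripped the original assert. */
    const uint8_t good[12] = {0x00,0x01, 0x00,0x0c, 0,0,0,0, 0x4d,0x01,0x6c,0xa5};
    const uint8_t bad[12]  = {0x00,0x01, 0x00,0x0c, 0,0,0,0, 0,0,0,0};
    char name[160];
    printf("good packet: %d\n", process_packet(good, sizeof good, name, sizeof name));
    printf("bad packet:  %d\n", process_packet(bad,  sizeof bad,  name, sizeof name));
    return 0;
}
```

With the crafted packet the hardened path logs and drops the sample and the process keeps running; in the vulnerable layout the same packet reaches the assert and the daemon aborts, which is the whole denial of service. The check costs one comparison and belongs before any assert, since assert(3) may be compiled out entirely with NDEBUG and then provides no protection at all.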
--- Begin Message ---
Source: collectd
Source-Version: 4.10.1-1+squeeze2

We believe that the bug you reported is fixed in the latest version of
collectd, which is due to be installed in the Debian FTP archive:

collectd-core_4.10.1-1+squeeze2_amd64.deb
  to main/c/collectd/collectd-core_4.10.1-1+squeeze2_amd64.deb
collectd-dbg_4.10.1-1+squeeze2_amd64.deb
  to main/c/collectd/collectd-dbg_4.10.1-1+squeeze2_amd64.deb
collectd-dev_4.10.1-1+squeeze2_all.deb
  to main/c/collectd/collectd-dev_4.10.1-1+squeeze2_all.deb
collectd-utils_4.10.1-1+squeeze2_amd64.deb
  to main/c/collectd/collectd-utils_4.10.1-1+squeeze2_amd64.deb
collectd_4.10.1-1+squeeze2.diff.gz
  to main/c/collectd/collectd_4.10.1-1+squeeze2.diff.gz
collectd_4.10.1-1+squeeze2.dsc
  to main/c/collectd/collectd_4.10.1-1+squeeze2.dsc
collectd_4.10.1-1+squeeze2_amd64.deb
  to main/c/collectd/collectd_4.10.1-1+squeeze2_amd64.deb
libcollectdclient-dev_4.10.1-1+squeeze2_amd64.deb
  to main/c/collectd/libcollectdclient-dev_4.10.1-1+squeeze2_amd64.deb
libcollectdclient0_4.10.1-1+squeeze2_amd64.deb
  to main/c/collectd/libcollectdclient0_4.10.1-1+squeeze2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <[email protected]> (supplier of updated collectd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 09 Dec 2010 17:46:44 +1100
Source: collectd
Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient0
Architecture: source amd64 all
Version: 4.10.1-1+squeeze2
Distribution: testing-proposed-updates
Urgency: high
Maintainer: Sebastian Harl <[email protected]>
Changed-By: Steffen Joeris <[email protected]>
Description: 
 collectd   - statistics collection and monitoring daemon
 collectd-core - statistics collection and monitoring daemon (core system)
 collectd-dbg - statistics collection and monitoring daemon (debugging symbols)
 collectd-dev - statistics collection and monitoring daemon (development files)
 collectd-utils - statistics collection and monitoring daemon (utilities)
 libcollectdclient-dev - client library for collectd's control interface (development file
 libcollectdclient0 - client library for collectd's control interface
Closes: 605092
Changes: 
 collectd (4.10.1-1+squeeze2) testing-proposed-updates; urgency=high
 .
   * Non-maintainer upload by the security team
   * Fix DoS in RRD file creation (Closes: #605092)
     Fixes: CVE-2010-4336
     Thanks to Florian Forster
Checksums-Sha1: 
 217d46bd8a23b0cdc30e85e5cade341dca201e62 2529 collectd_4.10.1-1+squeeze2.dsc
 d75dd9f51e05b964b2026fd6b05a000f99cbc3e2 58643 collectd_4.10.1-1+squeeze2.diff.gz
 c0a4d0b557cc1c8ac38c66b89737158c533eb864 819458 collectd-core_4.10.1-1+squeeze2_amd64.deb
 4007e5200337df4ac8c2f803a4aec43c319db97a 66658 collectd_4.10.1-1+squeeze2_amd64.deb
 3dcb8a6eacea4e137a73fe4e955f3f6576f3e75e 68644 collectd-utils_4.10.1-1+squeeze2_amd64.deb
 5dc4698ad78046d0f7b4acb15a0d1cf5c2deea67 840062 collectd-dbg_4.10.1-1+squeeze2_amd64.deb
 a463b3013747b4efc162f825cdcc0e981bd99dbd 61288 libcollectdclient-dev_4.10.1-1+squeeze2_amd64.deb
 69a74e23b0c714ee38bff8fe1fb2c196789f7c79 66878 libcollectdclient0_4.10.1-1+squeeze2_amd64.deb
 85a52d353266d01c1509c7b2b73f89c674ea15e3 101578 collectd-dev_4.10.1-1+squeeze2_all.deb
Checksums-Sha256: 
 ace2dda4c8f05b8e50a1a8d6cc2167bb1b15421399523c101c2d5ed10ff48e45 2529 collectd_4.10.1-1+squeeze2.dsc
 8bd7a1739b7a27efc9e28fc8b68d09df1ba3584528dd2cf486485fe651a6d777 58643 collectd_4.10.1-1+squeeze2.diff.gz
 c73f7960b245ee291c84894bdb8fb87a1d8561f3f5037a8d693db15279a109d0 819458 collectd-core_4.10.1-1+squeeze2_amd64.deb
 22ce7582ef2dc266018f3e5aef9415680ae2e3fadd811d1e3c8f2a8cbdeea16c 66658 collectd_4.10.1-1+squeeze2_amd64.deb
 82f3482590cfa55da46f36d0444dee5da6f169db1dee463e66adb63d5a56ed84 68644 collectd-utils_4.10.1-1+squeeze2_amd64.deb
 61e43f4828c988afecf75b67b8cc48810c5314c36f88a7c23d81f4c991874d76 840062 collectd-dbg_4.10.1-1+squeeze2_amd64.deb
 dbde0c98e4e5470eaa495aa365023b2f4b2d6e8c33b535d0898577182ceb31fd 61288 libcollectdclient-dev_4.10.1-1+squeeze2_amd64.deb
 6a53c6e2cda6664e1c5f20b81cb51e710a9a498a7cfe37d1e194259917e491ca 66878 libcollectdclient0_4.10.1-1+squeeze2_amd64.deb
 1593b364d143fbadfd8863b452cbff408c42cc5ab8b0a313b49e196722d9d9a8 101578 collectd-dev_4.10.1-1+squeeze2_all.deb
Files: 
 27e16cfe30ec8108f73f2243df641b01 2529 utils optional collectd_4.10.1-1+squeeze2.dsc
 5d9552357cd0683dbd0b8f4c631e0f2b 58643 utils optional collectd_4.10.1-1+squeeze2.diff.gz
 05bdc3ea8d88a8efd74bee24f22ea161 819458 utils optional collectd-core_4.10.1-1+squeeze2_amd64.deb
 4913ca949c7921faf6a18da4bdab271d 66658 utils optional collectd_4.10.1-1+squeeze2_amd64.deb
 a276b99a65d6f74d60177bec1d89851c 68644 utils optional collectd-utils_4.10.1-1+squeeze2_amd64.deb
 2b2dbd0b516ec131cf9a3e8712e3d505 840062 debug extra collectd-dbg_4.10.1-1+squeeze2_amd64.deb
 3237e3e366d318a8123052551f1a78e3 61288 libdevel optional libcollectdclient-dev_4.10.1-1+squeeze2_amd64.deb
 fe4dfaf1a972eb2cbe316895c5aca668 66878 libs optional libcollectdclient0_4.10.1-1+squeeze2_amd64.deb
 97cb6ce8644fb68a07951d3d1542e6b5 101578 utils optional collectd-dev_4.10.1-1+squeeze2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk0BZL0ACgkQ62zWxYk/rQf45QCghu32269fec3h5MU5tpkZX9eI
kmkAoIRm7DhA97rGYOKu1OoM6YnlXvs7
=zak/
-----END PGP SIGNATURE-----



--- End Message ---