Your message dated Wed, 24 Sep 2014 11:22:15 +0000
with message-id <[email protected]>
and subject line Bug#762027: fixed in libircclient 1.8-2
has caused the Debian Bug report #762027,
regarding libircclient: libircclient segmentation fault on using ipv6 (possible
security issue?)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
762027: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762027
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libircclient1
Version: 1.3+dfsg1-3
Severity: normal
File: libircclient
Tags: upstream patch ipv6
Dear Maintainer,
current upstream versions and down to 1.3 (possibly even older) versions
of libircclient have an issue with ipv6 handling. When connecting to a
ipv6 address it segfaults on receiving the first message from the server.
It's caused by writing a sockaddr6_in into a sockaddr_in which overwrites
some callback function pointers.
The bug is reported upstream but since it's possibly a security issue
and libircclients' upstream is very slow you might want to consider
applying this small patch.
-- System Information:
Debian Release: 7.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libircclient1 depends on:
ii libc6 2.13-38+deb7u4
libircclient1 recommends no packages.
libircclient1 suggests no packages.
-- no debconf information
Index: libircclient.c
===================================================================
--- libircclient.c (revision 125)
+++ libircclient.c (working copy)
@@ -817,7 +817,7 @@
if (saddr.ss_family == AF_INET)
memcpy (&session->local_addr, &((struct sockaddr_in *)&laddr)->sin_addr, sizeof(struct in_addr));
else
- memcpy (&session->local_addr, &((struct sockaddr_in6 *)&laddr)->sin6_addr, sizeof(struct in6_addr));
+ memcpy (&session->local_addr6, &((struct sockaddr_in6 *)&laddr)->sin6_addr, sizeof(struct in6_addr));
#if defined (ENABLE_DEBUG)
if ( IS_DEBUG_ENABLED(session) )
--- End Message ---
--- Begin Message ---
Source: libircclient
Source-Version: 1.8-2
We believe that the bug you reported is fixed in the latest version of
libircclient, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dariusz Dwornikowski <[email protected]> (supplier of
updated libircclient package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 18 Sep 2014 15:29:18 +0200
Source: libircclient
Binary: libircclient-dev libircclient1
Architecture: source amd64
Version: 1.8-2
Distribution: unstable
Urgency: medium
Maintainer: Dariusz Dwornikowski <[email protected]>
Changed-By: Dariusz Dwornikowski <[email protected]>
Description:
libircclient-dev - development files for libircclient
libircclient1 - C library to create IRC clients
Closes: 762027
Changes:
libircclient (1.8-2) unstable; urgency=medium
.
* patch/fix-ipv6-socaddr.patch added (Closes: #762027)
- fixes segfault when connecting to an IPv6 address
Checksums-Sha1:
cfbb2cb1c43257cfaa6281efb56032fc0b52a5a5 1985 libircclient_1.8-2.dsc
0fe893a747db422655a0ca4e8773dfb34b3d6002 37692 libircclient_1.8-2.debian.tar.xz
a0b9aa1514139f1a0ebaacbff6ef63dc6db11db6 39886 libircclient-dev_1.8-2_amd64.deb
1db07107c02e480c72f32ab29bc7fc864705fe80 20240 libircclient1_1.8-2_amd64.deb
Checksums-Sha256:
3ac39deb7d93a876a9aef5848f861beef8368eb663e3a18dd77fe439660029eb 1985
libircclient_1.8-2.dsc
7996cbeadca4e4bcc2c4fd6a693070dabe1be45c342a9a329cd58e535465e6a1 37692
libircclient_1.8-2.debian.tar.xz
c047ae7b7acbf786b168c74d873b7bb7fc36beb2a8fbd186de645a901a189415 39886
libircclient-dev_1.8-2_amd64.deb
254b692aaf971b422d596e688b33f00641bcfabdd0e649d172f0182946cc1e99 20240
libircclient1_1.8-2_amd64.deb
Files:
0b7bf462e21e46b8517d20d4912cf700 39886 libdevel optional
libircclient-dev_1.8-2_amd64.deb
0678077d6a219304d81ffd47d3560af2 20240 libs optional
libircclient1_1.8-2_amd64.deb
df62c069d6da8763fbae83618437096a 1985 libs optional libircclient_1.8-2.dsc
f177ac2004faca5cb3c681d173690177 37692 libs optional
libircclient_1.8-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJUIqS3AAoJECEac8aaew/HdF8QANtCh2CG8RLZOor7RSHjdijl
8/thli2ouvvrjj4j97f9Ax+nyly1nMHU2FaSqu/hs+vetpT765M+4P/u5B5gabmF
vav40lTcsP6H4jm9drJ6P0qR57KBIhqI/3e9MdUMBbmFA8OXBYFy5tOPNMWgWTl6
nORde7HJ/I17S3vVnCyN7qC/OwECTLqqfIS5tEIedxadRlnDJlge5HaYrBZ+LdJZ
BA/2AGFifZInr7qHwUtdpTMjvOEe/xyyO5xVyJkLJRU4kEKUCCW2c54+C1lWmI6Y
OfAW/tIe4tGUJtcr5OvEeIzmNtJivhtNEo0QY8zEKWlynhstbIz+kFBatcN0ATLO
/JCJloE7M8ZqL3uASkqmCttfvBirDRBwkCla0QYwRH8q9BtsB1nynX8RRQrso/TC
WkS0Ye1HCeowSZiPKZgvuobvtrterGW553S3IAPC6UQjW44FrN0aGGgIrE+gKYyc
heJdDon4/fDAjQ727W4ArItuKRzIxKaPbSZfzcrxr4I8k3obXn71WobMpfKRBTva
qkkSJuwvVYlWA78e1IQPs02osk895VqEq4aVWJnbGgptSSbVewBtvd242azDA5G+
lNbBOOZhUjgu30VUj/vJug4JM1CEyvPnPB1WXOg+i9g9r3janMAaouHcXWC9Jhdh
fC18QE0579AoOkkkkneO
=HShh
-----END PGP SIGNATURE-----
--- End Message ---
