Your message dated Sun, 19 Apr 2015 15:19:49 +0000 with message-id <[email protected]> and subject line Bug#782450: fixed in ppp 2.4.5-4+deb6u2 has caused the Debian Bug report #782450, regarding ppp: CVE-2015-3310: Buffer overflow in radius plugin to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 782450: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782450 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: ppp Version: 2.4.6-3 Severity: important Tags: patch On systems with more than 65535 processes running, pppd aborts when sending a "start" accounting message to the RADIUS server because of a buffer overflow in rc_mksid. The process id is used in rc_mksid to generate a pseudo-unique string, assuming that the hex representation of the pid will be at most 4 characters (FFFF). __sprintf_chk(), used when compiling with optimization levels greater than 0 and FORTIFY_SOURCE, detects the buffer overflow and makes pppd crash. The following patch fixes the problem. --- ppp-2.4.6.orig/pppd/plugins/radius/util.c +++ ppp-2.4.6/pppd/plugins/radius/util.c @@ -77,7 +77,7 @@ rc_mksid (void) static unsigned short int cnt = 0; sprintf (buf, "%08lX%04X%02hX", (unsigned long int) time (NULL), - (unsigned int) getpid (), + (unsigned int) getpid () % 65535, cnt & 0xFF); cnt++; return buf; -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ppp depends on: ii init-system-helpers 1.22 ii libc6 2.19-17 ii libpam-modules 1.1.8-3.1 ii libpam-runtime 1.1.8-3.1 ii libpam0g 1.1.8-3.1 ii libpcap0.8 1.6.2-2 ii procps 2:3.3.9-9
--- End Message ---
--- Begin Message ---Source: ppp Source-Version: 2.4.5-4+deb6u2 We believe that the bug you reported is fixed in the latest version of ppp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thorsten Alteholz <[email protected]> (supplier of updated ppp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 19 Apr 2015 16:00:47 +0200 Source: ppp Binary: ppp ppp-udeb ppp-dev Architecture: source i386 all Version: 2.4.5-4+deb6u2 Distribution: squeeze-lts Urgency: high Maintainer: Marco d'Itri <[email protected]> Changed-By: Thorsten Alteholz <[email protected]> Description: ppp - Point-to-Point Protocol (PPP) - daemon ppp-dev - Point-to-Point Protocol (PPP) - development files ppp-udeb - Point-to-Point Protocol (PPP) - package for Debian Installer (udeb) Closes: 782450 Changes: ppp (2.4.5-4+deb6u2) squeeze-lts; urgency=high . * Non-maintainer upload by the Squeeze LTS Team. * Fix CVE-2015-3310: buffer overflow which may lead to DoS (Closes: #782450). (thanks to Emanuele Rocca for the patch). Checksums-Sha1: 33d28ab19c5b260a52b5887ba831f327de180c95 1765 ppp_2.4.5-4+deb6u2.dsc cb977b31584e3488e08a643aaa672fdb229d2e78 684342 ppp_2.4.5.orig.tar.gz 263138f23fd1ad778604e53dcd12dfa696886628 98377 ppp_2.4.5-4+deb6u2.diff.gz 3bcbcbdd7e95ddd44fe4f663fb18089f90da91bb 351422 ppp_2.4.5-4+deb6u2_i386.deb 9ef823345ef638a99ce0581811197ef0dd30eb5b 117154 ppp-udeb_2.4.5-4+deb6u2_i386.udeb f32c7f00d8a5ec7f8a6d03e097ac21a4325eab17 57360 ppp-dev_2.4.5-4+deb6u2_all.deb Checksums-Sha256: 97751146fbc2e8a447ec456e5e64cfdaef787672370869dcf006c212ab969931 1765 ppp_2.4.5-4+deb6u2.dsc 43317afec9299f9920b96f840414c977f0385410202d48e56d2fdb8230003505 684342 ppp_2.4.5.orig.tar.gz 821c9178d0c9e0d67d452b786cbf365d63237262b23d8cab51fd0eb9a1ef5ee9 98377 ppp_2.4.5-4+deb6u2.diff.gz 8a9e8f9b54c1588a882b7b3b4a93f7929f796ea56456e413f5e869487dfb864f 351422 ppp_2.4.5-4+deb6u2_i386.deb d75e8b373e662874c2b6c5ac83f689d09df39e03b2605c1f10670ebfa23d927f 117154 ppp-udeb_2.4.5-4+deb6u2_i386.udeb 681efe1a7b1680ae501577b91a4d5c58c8fc913bfee03949c2ec0e71f4b602e6 57360 ppp-dev_2.4.5-4+deb6u2_all.deb Files: ae5f111f77d822582bbe4cf179f7134e 1765 admin optional ppp_2.4.5-4+deb6u2.dsc 4621bc56167b6953ec4071043fe0ec57 684342 admin optional ppp_2.4.5.orig.tar.gz 747a78dd7e4f17ddfabe555ffa335849 98377 admin optional ppp_2.4.5-4+deb6u2.diff.gz ea5854906186f06fdb50a21c5d68dda4 351422 admin optional ppp_2.4.5-4+deb6u2_i386.deb f21f2762bcdf12ba2db42405d2ae1d34 117154 debian-installer optional ppp-udeb_2.4.5-4+deb6u2_i386.udeb cd0e19ba39e698258a995b3373c6211e 57360 devel extra ppp-dev_2.4.5-4+deb6u2_all.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJVM8MGXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHirEQAKiFQb+fih1FOLQJUVV8Hpmv gV2qPw2grtcpr3Em6PECcLkCaBewpudiLpDWbY9xrOkLTJUCkBYeBRaAzDi4DrXR C3MfiIXeGZd/u9PGA/GJj3JfUpn4qPZXkA+rjLBke2eD6M1xQq1q+LbARStAu2Hh YwWwzWUhAQ0icBHv+AXTyBwPUOhHUPqAn3iK4bQJkOY4WhT3dNob8GHRLTxvBd8C XVaY8nvhOSb/Mooj6dwz94xRJwmvJHaW6R2G2qV1qTwHMR1+ux3H9rxirFZh/v0I i+4LMUthmyCew4SJEG0H42XyKryTvDA6iMrAedQDrStMSzHVwixhEYUQJGYRbBCk 7giCd+lNka+O5A93XfxAN9jLoZhC2RnEIvP1gdPls5DHvK55MrluZJEcjL3P1Eim FND1+oT7h50Gq0JswJ0VYkIptPm/n2UPtSv3l8WHSVExX2i0MUUqS0gRatjRswhD w3qIOAHYU3nZcSJyN3OGtPE2OKmvrNMIVuebRKZBK5/uqJFNutdFXmhAM5uanBge aHe3x12ADDFAyKsTlYHGZ6gIY0J/sKhhwOzgo4WTZFU/I0vVrY1OgEgMZbdQQL66 uDs8xf+gOu4vECVxZrbfFPbhbxir27jtebB6xMktLsJuIXEzUy0LxhJo9cUCVvGQ pMDrBm0DV3c3OmeZXE0r =skXJ -----END PGP SIGNATURE-----
--- End Message ---

