Your message dated Thu, 25 Aug 2016 16:35:26 +0000
with message-id <[email protected]>
and subject line Bug#835386: fixed in cracklib2 2.9.2-3
has caused the Debian Bug report #835386,
regarding cracklib2: Buffer overflow processing long words
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
835386: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835386
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: cracklib2
Version: 2.9.2-1
Severity: important
Tags: security upstream
On Mon, Aug 22, 2016 at 10:22:40PM +0200, Daniel Lange wrote:
> Control: tags -1 + patch
>
> The buffer overflow results from strings that are too short for a strcpy to
> always succeed.
>
> Patch from
> <https://build.opensuse.org/package/view_file/Base:System/cracklib/0004-overflow-processing-long-words.patch>
> attached.
>
> The input word is guaranteed to be at most STRINGSIZE-1 in length. One of the
> mangle operations involves duplicating the input word, resulting in a string
> twice the length to be accommodated by both area variables.
>
> Howard Guo <[email protected]> 2016-08-17
>
> diff -rupN 3/lib/rules.c 3-patched/lib/rules.c
> --- 3/lib/rules.c 2016-08-16 14:16:24.033261876 +0200
> +++ 3-patched/lib/rules.c 2016-08-17 13:57:14.485782894 +0200
> @@ -434,9 +434,8 @@ Mangle(input, control) /* returns a poi
> {
> int limit;
> register char *ptr;
> - static char area[STRINGSIZE];
> - char area2[STRINGSIZE];
> - area[0] = '\0';
> + static char area[STRINGSIZE * 2] = {0};
> + char area2[STRINGSIZE * 2] = {0};
> strcpy(area, input);
>
> for (ptr = control; *ptr; ptr++)
Opening a separate bugreport about this second issue and track it separately of
CVE-2016-6318. I have asked for a CVE id in
http://www.openwall.com/lists/oss-security/2016/08/23/8 .
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: cracklib2
Source-Version: 2.9.2-3
We believe that the bug you reported is fixed in the latest version of
cracklib2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jan Dittberner <[email protected]> (supplier of updated cracklib2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 25 Aug 2016 17:29:17 +0200
Source: cracklib2
Binary: libcrack2 libcrack2-udeb libcrack2-dev cracklib-runtime python-cracklib
python3-cracklib
Architecture: source amd64
Version: 2.9.2-3
Distribution: unstable
Urgency: medium
Maintainer: Jan Dittberner <[email protected]>
Changed-By: Jan Dittberner <[email protected]>
Description:
cracklib-runtime - runtime support for password checker library cracklib2
libcrack2 - pro-active password checker library
libcrack2-dev - pro-active password checker library - development files
libcrack2-udeb - pro-active password checker library (udeb)
python-cracklib - Python bindings for password checker library cracklib2
python3-cracklib - Python3 bindings for password checker library cracklib2
Closes: 792860 835386
Changes:
cracklib2 (2.9.2-3) unstable; urgency=medium
.
* Fix "Buffer overflow processing long words" by applying patch from
https://build.opensuse.org/package/view_file/Base:System/cracklib/
0004-overflow-processing-long-words.patch (Closes: #835386)
* remove obsolete debian/pycompat
* change Vcs-* fields to https variants
* Bump Standards-Version to 3.9.8 (no changes)
* Fix "FTCBFS: invokes host-arch executable cracklib-packer" by applying
Helmut Grohne's patch to fix cross compilation (Closes: #792860)
Checksums-Sha1:
8735e2129d321f1b149208f8cedc39818332f77d 2135 cracklib2_2.9.2-3.dsc
66187945fddab66d06ca5c26ee89c8c21576628c 26076 cracklib2_2.9.2-3.debian.tar.xz
0ef72460543939650683410f4dadddb26c076474 10462
cracklib-runtime-dbgsym_2.9.2-3_amd64.deb
7d7446cc7959d3c5123c1a1407fa93a8791bdb83 148288
cracklib-runtime_2.9.2-3_amd64.deb
9c09decb5ebfc7cd37835f4d65b07b0c055842e2 21484
libcrack2-dbgsym_2.9.2-3_amd64.deb
9a512ab4ae1fe02e98a696d0936afbb4f745cbc6 31518 libcrack2-dev_2.9.2-3_amd64.deb
04eaf761e6d0ddd3c5edf5559fc5fd15cf47e304 119980
libcrack2-udeb_2.9.2-3_amd64.udeb
a73b88bd3f55650c725bf1ae97033e53dd8b8e9c 54666 libcrack2_2.9.2-3_amd64.deb
02b0759154380b4416ca8e9cd6c7e3bdeabb328a 13106
python-cracklib-dbgsym_2.9.2-3_amd64.deb
3ac03f8ca8e8499c02a36f06c0cb4eb91b67ffc5 23050
python-cracklib_2.9.2-3_amd64.deb
70a3bd21f18533da31d26d014451231c29a49976 14078
python3-cracklib-dbgsym_2.9.2-3_amd64.deb
ee34b9f177d00648c642c53202577992a12a2ec8 23106
python3-cracklib_2.9.2-3_amd64.deb
Checksums-Sha256:
787f139a38ca2aca075d1bde8f3f54ec967ad7f1ae550170a73c18b2104ac045 2135
cracklib2_2.9.2-3.dsc
3d7974ef20ce8e060da5138527453e4e80b7d0ed0139137b2fa30115188569e1 26076
cracklib2_2.9.2-3.debian.tar.xz
c9ac3c26503173f2f7a7ffe973426bb88adca719f36820f7a0887d04c27b34d2 10462
cracklib-runtime-dbgsym_2.9.2-3_amd64.deb
84e0de787b633d7c699489cb32b6122736b5e340cc0ec97b897bbbb75447e365 148288
cracklib-runtime_2.9.2-3_amd64.deb
3016a4c7c9294f77205fd3ad60712de64b8a2a1afd3991c7023572b46186e0e6 21484
libcrack2-dbgsym_2.9.2-3_amd64.deb
0c4e583df6d47417a048c202ca2203e18a744ac86d6909b7e4337c2519e9b757 31518
libcrack2-dev_2.9.2-3_amd64.deb
31098e4022440071291b5c94b4c5d38a08b050b64bd85d3095ed8c61b37ba0f8 119980
libcrack2-udeb_2.9.2-3_amd64.udeb
b243e24dc5ff96dbc3f522a360946a0b6d2db3e583ead518652b2c9eebe75f34 54666
libcrack2_2.9.2-3_amd64.deb
2ac13ed546750cc50ef4a32a7096b5a1edaab13b7389a028b2d48ca3c50fade9 13106
python-cracklib-dbgsym_2.9.2-3_amd64.deb
4939402d07f79b4d2e9f1f4ae7dc92c23220cc6594a9bdf8675b13de773a3ecf 23050
python-cracklib_2.9.2-3_amd64.deb
de3345f8da93306f1d9cba8f64fe5b190c028f97ef9d8af85518e911e225a929 14078
python3-cracklib-dbgsym_2.9.2-3_amd64.deb
2805738f52794d526f90ea44f24f47ce0d47b3d2c09b2a17fe77d7e135c3c329 23106
python3-cracklib_2.9.2-3_amd64.deb
Files:
8d457bc8e5d52242ee56aa576bfedc12 2135 libs optional cracklib2_2.9.2-3.dsc
f1595bee22a2426355be686b7597fb13 26076 libs optional
cracklib2_2.9.2-3.debian.tar.xz
e2ed470ef657ccebcf9e586151b00c5e 10462 debug extra
cracklib-runtime-dbgsym_2.9.2-3_amd64.deb
4bac2af4a82271866376d3d69ae4e0fa 148288 admin optional
cracklib-runtime_2.9.2-3_amd64.deb
be4a55f12946c63cf0826e556f6e75d4 21484 debug extra
libcrack2-dbgsym_2.9.2-3_amd64.deb
e710fbdd95b764e25c0116ca05e0ade8 31518 libdevel extra
libcrack2-dev_2.9.2-3_amd64.deb
3ad0b0020b4a8c018b53726de6165360 119980 debian-installer optional
libcrack2-udeb_2.9.2-3_amd64.udeb
2bc6c3c32822551a87a272a6397232e8 54666 libs optional
libcrack2_2.9.2-3_amd64.deb
d9a75cb995267cb00fd8606b53a5904c 13106 debug extra
python-cracklib-dbgsym_2.9.2-3_amd64.deb
4992564de75bf4bd216c7de60a732c77 23050 python optional
python-cracklib_2.9.2-3_amd64.deb
df0f147c85b3fd93d3303aaae5b3ee3c 14078 debug extra
python3-cracklib-dbgsym_2.9.2-3_amd64.deb
5cb529ce8e5be640f0136f28c9eab3ee 23106 python optional
python3-cracklib_2.9.2-3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCgAGBQJXvxMJAAoJEA15HcjXN8HZmfQH/jEwO4tbCyxl7x8cMmh2e0Ji
rgxfUQtIFLr0iGKLNAQBZgoWZhnqqDKVoRCvHPrghOYBwkCPuI5DIXd5ZfKGXX6q
7w/EesfRmji12v8ceCUbzhPPMWafwK3rygQJEtXubcfdo0naudymOQccmp4a9D7a
yc+Kf9XlT1EA4QQjewu1slBU4FbGlURaPyH73Wz1hv6NW/Nx3f+O6SECG2JlMTIP
9WQnCoLev6u0z9uPNfsg632XJ+rkMODWn6coFbpBKj/XSUPHfHz4bQvYhIcYwm+e
VfAgAqtoCpaI0YMNBTDGB83AvDeXLtcRLObEIFHD7jbLOrenFnmpjVRzWJpahwE=
=hOWW
-----END PGP SIGNATURE-----
--- End Message ---
