Your message dated Sat, 11 Jul 2026 10:32:49 +0000
with message-id <[email protected]>
and subject line Released in 13.6
has caused the Debian Bug report #1141179,
regarding trixie-pu: package rtl-433/25.02-1+deb13u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1141179: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1141179
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected], [email protected]
Control: affects -1 + src:rtl-433
User: [email protected]
Usertags: pu

  * CVE-2025-34450: Buffer overflow in parse_rfraw()
    (Closes: #1126178)
diffstat for rtl-433-25.02 rtl-433-25.02

 changelog                                                              |    8 
++
 patches/0001-Fix-overflow-in-rfraw-test-data-parsing-closes-3375.patch |   31 
++++++++++
 patches/series                                                         |    1 
 3 files changed, 40 insertions(+)

diff -Nru rtl-433-25.02/debian/changelog rtl-433-25.02/debian/changelog
--- rtl-433-25.02/debian/changelog      2025-02-19 18:52:07.000000000 +0200
+++ rtl-433-25.02/debian/changelog      2026-06-30 21:51:39.000000000 +0300
@@ -1,3 +1,11 @@
+rtl-433 (25.02-1+deb13u1) trixie; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2025-34450: Buffer overflow in parse_rfraw()
+    (Closes: #1126178)
+
+ -- Adrian Bunk <[email protected]>  Tue, 30 Jun 2026 21:51:39 +0300
+
 rtl-433 (25.02-1) unstable; urgency=medium
 
   * New upstream version.
diff -Nru 
rtl-433-25.02/debian/patches/0001-Fix-overflow-in-rfraw-test-data-parsing-closes-3375.patch
 
rtl-433-25.02/debian/patches/0001-Fix-overflow-in-rfraw-test-data-parsing-closes-3375.patch
--- 
rtl-433-25.02/debian/patches/0001-Fix-overflow-in-rfraw-test-data-parsing-closes-3375.patch
 1970-01-01 02:00:00.000000000 +0200
+++ 
rtl-433-25.02/debian/patches/0001-Fix-overflow-in-rfraw-test-data-parsing-closes-3375.patch
 2026-06-30 21:50:58.000000000 +0300
@@ -0,0 +1,31 @@
+From b27bd050d6c74c900e9471338c63bcd96b5c1b08 Mon Sep 17 00:00:00 2001
+From: "Christian W. Zuckschwerdt" <[email protected]>
+Date: Wed, 8 Oct 2025 10:11:15 +0200
+Subject: Fix overflow in rfraw test data parsing (closes #3375)
+
+---
+ src/rfraw.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/rfraw.c b/src/rfraw.c
+index 9f4c9780..71a1c365 100644
+--- a/src/rfraw.c
++++ b/src/rfraw.c
+@@ -159,9 +159,14 @@ static bool parse_rfraw(pulse_data_t *data, char const 
**p)
+             data->num_pulses++;
+             pulse_needed = true;
+         }
++        // abort reading if the pulse data array is full
++        if (data->num_pulses >= PD_MAX_PULSES) {
++            break;
++        }
+     }
+     //data->gap[data->num_pulses - 1] = 3000; // TODO: extend last gap?
+ 
++    // expand reapeats as long as the pulse data array has enough space
+     unsigned pkt_pulses = data->num_pulses - prev_pulses;
+     for (int i = 1; i < repeats && data->num_pulses + pkt_pulses <= 
PD_MAX_PULSES; ++i) {
+         memcpy(&data->pulse[data->num_pulses], &data->pulse[prev_pulses], 
pkt_pulses * sizeof (*data->pulse));
+-- 
+2.47.3
+
diff -Nru rtl-433-25.02/debian/patches/series 
rtl-433-25.02/debian/patches/series
--- rtl-433-25.02/debian/patches/series 2020-02-17 15:05:28.000000000 +0200
+++ rtl-433-25.02/debian/patches/series 2026-06-30 21:51:30.000000000 +0300
@@ -1 +1,2 @@
 cmake
+0001-Fix-overflow-in-rfraw-test-data-parsing-closes-3375.patch

--- End Message ---
--- Begin Message ---
Version: 13.6

This update was released as part of 13.6.

--- End Message ---

Reply via email to