Control: tags 1123741 + patch
Control: tags 1123741 + pending

Dear maintainer,

I've prepared an NMU for igmpproxy (versioned as 0.3-1.1) and uploaded it to DELAYED/1. Please feel free to tell me if I should cancel it.

cu
Adrian

diffstat for igmpproxy-0.3 igmpproxy-0.3 changelog | 8 ++++++++ patches/0001-Fix-Buffer-Overflow-97.patch | 25 +++++++++++++++++++++++++ patches/series | 1 + 3 files changed, 34 insertions(+) diff -Nru igmpproxy-0.3/debian/changelog igmpproxy-0.3/debian/changelog --- igmpproxy-0.3/debian/changelog 2021-01-04 19:54:27.000000000 +0200 +++ igmpproxy-0.3/debian/changelog 2026-05-07 12:18:19.000000000 +0300 @@ -1,3 +1,11 @@ +igmpproxy (0.3-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * CVE-2025-50681: buffer overflow in igmpPacketKind() + (Closes: #1123741) + + -- Adrian Bunk <[email protected]> Thu, 07 May 2026 12:18:19 +0300 + igmpproxy (0.3-1) unstable; urgency=medium * New upstream release diff -Nru igmpproxy-0.3/debian/patches/0001-Fix-Buffer-Overflow-97.patch igmpproxy-0.3/debian/patches/0001-Fix-Buffer-Overflow-97.patch --- igmpproxy-0.3/debian/patches/0001-Fix-Buffer-Overflow-97.patch 1970-01-01 02:00:00.000000000 +0200 +++ igmpproxy-0.3/debian/patches/0001-Fix-Buffer-Overflow-97.patch 2026-05-07 12:18:07.000000000 +0300 
@@ -0,0 +1,25 @@ +From fce5839a2aac4b091bc82966edce595c13074d50 Mon Sep 17 00:00:00 2001 +From: Jan Klemkow <[email protected]> +Date: Thu, 17 Apr 2025 19:02:16 +0200 +Subject: Fix Buffer Overflow #97 + +--- + src/igmp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/igmp.c b/src/igmp.c +index 3891437..67e5b80 100644 +--- a/src/igmp.c ++++ b/src/igmp.c +@@ -94,7 +94,7 @@ static const char *igmpPacketKind(unsigned int type, unsigned int code) { + case IGMP_V2_LEAVE_GROUP: return "Leave message "; + + default: +- sprintf(unknown, "unk: 0x%02x/0x%02x ", type, code); ++ snprintf(unknown, sizeof unknown, "unk: 0x%02x/0x%02x ", type, code); + return unknown; + } + } +-- +2.47.3 + diff -Nru igmpproxy-0.3/debian/patches/series igmpproxy-0.3/debian/patches/series --- igmpproxy-0.3/debian/patches/series 1970-01-01 02:00:00.000000000 +0200 +++ igmpproxy-0.3/debian/patches/series 2026-05-07 12:18:17.000000000 +0300 @@ -0,0 +1 @@ +0001-Fix-Buffer-Overflow-97.patch
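Review bot: in the default branch of igmpPacketKind(), `type` and `code` are `unsigned int` and `%02x` sets only a minimum field width, so a value above 0xff still formats to more characters than the two-digit pattern suggests, and with snprintf that output is now cut off silently instead of being written past the buffer. The declaration of `unknown` lies outside the visible context, so its size cannot be confirmed from this hunk; consider masking the arguments (`type & 0xff`, `code & 0xff`) or sizing the buffer for two full-width unsigned values so the log string is never truncated. The embedded patch also carries only the upstream From/Date/Subject lines; DEP-3 `Origin:` and `Bug-Debian:` fields would tie it to the upstream commit and to #1123741.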

