Your message dated Sun, 22 May 2005 07:32:18 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#309746: fixed in cracklib2 2.7-16
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 19 May 2005 09:20:36 +0000
>From [EMAIL PROTECTED] Thu May 19 02:20:36 2005
Return-path: <[EMAIL PROTECTED]>
Received: from viefep18-int.chello.at [213.46.255.21]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DYhCl-0005au-00; Thu, 19 May 2005 02:20:35 -0700
Received: from zero ([85.216.131.224]) by viefep18-int.chello.at
(InterMail vM.6.01.04.04 201-2131-118-104-20050224) with ESMTP
id <[EMAIL PROTECTED]>;
Thu, 19 May 2005 11:19:57 +0200
Received: by zero (Postfix, from userid 1000)
id 9D66B2FBA7; Thu, 19 May 2005 11:19:50 +0200 (CEST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Robert Trebula <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: libpam-cracklib: passwd program segfaults when pam_cracklib.so used
X-Mailer: reportbug 3.12
Date: Thu, 19 May 2005 11:19:50 +0200
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: libpam-cracklib
Version: 0.76-22
Severity: critical
Tags: security
Justification: root security hole
The only non-commented lines in /etc/pam.d/common-password:
password required pam_cracklib.so retry=3 minlen=6 difok=3
password required pam_unix.so use_authtok nullok md5
Example session of passwd program usage:
[EMAIL PROTECTED]:~$ passwd
Changing password for test
(current) UNIX password:
New UNIX password:
(index fread failed): Success
Segmentation fault
I am no security expert but I feel that suid-root programs should not
segfault.
I would be happy if you prove that it is my fault and there is no root
security hole here.
Kind regards,
Robert
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-4
Locale: LANG=sk_SK, LC_CTYPE=sk_SK (charmap=ISO-8859-2)
Versions of packages libpam-cracklib depends on:
ii cracklib-runtime 2.7-15 Runtime support for password check
ii cracklib2 2.7-15 A pro-active password checker libr
ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii wamerican [wordlist] 5-4 American English dictionary words
ii wbritish [wordlist] 5-4 British English dictionary words f
-- no debconf information
---------------------------------------
Received: (at 309746-close) by bugs.debian.org; 22 May 2005 11:39:27 +0000
>From [EMAIL PROTECTED] Sun May 22 04:39:27 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DZonm-0004d7-00; Sun, 22 May 2005 04:39:26 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DZogs-0007P5-00; Sun, 22 May 2005 07:32:18 -0400
From: Martin Pitt <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#309746: fixed in cracklib2 2.7-16
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 22 May 2005 07:32:18 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Source: cracklib2
Source-Version: 2.7-16
We believe that the bug you reported is fixed in the latest version of
cracklib2, which is due to be installed in the Debian FTP archive:
cracklib-runtime_2.7-16_i386.deb
to pool/main/c/cracklib2/cracklib-runtime_2.7-16_i386.deb
cracklib2-dev_2.7-16_i386.deb
to pool/main/c/cracklib2/cracklib2-dev_2.7-16_i386.deb
cracklib2_2.7-16.diff.gz
to pool/main/c/cracklib2/cracklib2_2.7-16.diff.gz
cracklib2_2.7-16.dsc
to pool/main/c/cracklib2/cracklib2_2.7-16.dsc
cracklib2_2.7-16_i386.deb
to pool/main/c/cracklib2/cracklib2_2.7-16_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Martin Pitt <[EMAIL PROTECTED]> (supplier of updated cracklib2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 22 May 2005 12:49:14 +0200
Source: cracklib2
Binary: cracklib-runtime cracklib2 cracklib2-dev
Architecture: source i386
Version: 2.7-16
Distribution: unstable
Urgency: high
Maintainer: Martin Pitt <[EMAIL PROTECTED]>
Changed-By: Martin Pitt <[EMAIL PROTECTED]>
Description:
cracklib-runtime - Runtime support for password checker library cracklib2
cracklib2 - A pro-active password checker library
cracklib2-dev - A pro-active password checker library - development
Closes: 309746
Changes:
cracklib2 (2.7-16) unstable; urgency=high
.
* Urgency high since this fixes an RC bug present in Sarge.
* Added debian/patches/10-check-corrupt-dict.diff:
- packlib.c, FindPW(): If GetPW() returns NULL we have a corrupt
dictionary. Check for NULL and exit with an appropriate error message
instead of strcmp()'ing against NULL which triggers a segfault.
* Added debian/patches/11-mkdict-C-locale.diff:
- Run crack_mkdict with locale C; other locales might mess up the
dictionary.
- Thanks to Kenshi Muto for his help with this bug.
- Closes: #309746
Files:
e5304e6421d2fa917a3a5bf29b9b5312 602 libs optional cracklib2_2.7-16.dsc
e5d133808ae275f484737e8929e92f45 21487 libs optional cracklib2_2.7-16.diff.gz
9a8b4ae79e6ed018ca5b29e77217c868 27608 libs optional cracklib2_2.7-16_i386.deb
f0af8ac6a6a89acca801a0d8d4eae4da 25758 libdevel extra
cracklib2-dev_2.7-16_i386.deb
f7088715e70a92ca888b87071494a56b 33820 admin optional
cracklib-runtime_2.7-16_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCkGk/DecnbV4Fd/IRAuZrAJ4yjvAl6akDi00uM4G6I2JaVtHbgQCaAkjr
yvUmSL5NHHiKzuBBq1xQJXU=
=JRRK
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
