Bug#874060: marked as done (unrar-free: CVE-2017-14122: stack overread vulnerability)

Debian Bug Tracking System Sun, 15 Oct 2017 10:22:11 -0700

Your message dated Sun, 15 Oct 2017 17:20:19 +0000
with message-id <e1e3maj-000gd4...@fasolo.debian.org>
and subject line Bug#874060: fixed in unrar-free 1:0.0.1+cvs20140707-4
has caused the Debian Bug report #874060,
regarding unrar-free: CVE-2017-14122: stack overread vulnerability
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
874060: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874060
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: unrar-free
Version: 1:0.0.1+cvs20140707-1
Severity: grave
Tags: security upstream

Hi

>From http://www.openwall.com/lists/oss-security/2017/08/20/1 

Issue 2: Stack overread

A malformed archive can cause a stack overread, detectable with asan.
This issue doesn't happen reliably, I haven't investigated further.

==2585==ERROR: AddressSanitizer: stack-buffer-overflow on address 
0x7fff76184120 at pc 0x000000445d25 bp 0x7fff76183ef0 sp 0x7fff761836a0
READ of size 519 at 0x7fff76184120 thread T0
    #0 0x445d24 in __interceptor_strchr.part.33 (/r/unrar-gpl/unrar+0x445d24)
    #1 0x516d0d in stricomp /f/unrar-gpl/unrar/src/unrarlib.c:851:19
    #2 0x511613 in ExtrFile /f/unrar-gpl/unrar/src/unrarlib.c:745:20
    #3 0x510b02 in urarlib_get /f/unrar-gpl/unrar/src/unrarlib.c:303:13
    #4 0x50b249 in unrar_extract_file /f/unrar-gpl/unrar/src/unrar.c:343:8
    #5 0x50be32 in unrar_extract /f/unrar-gpl/unrar/src/unrar.c:483:9
    #6 0x50c69c in main /f/unrar-gpl/unrar/src/unrar.c:556:14
    #7 0x7f632d3834f0 in __libc_start_main (/lib64/libc.so.6+0x204f0)
    #8 0x419e19 in _start (/r/unrar-gpl/unrar+0x419e19)

Address 0x7fff76184120 is located in stack of thread T0 at offset 544 in frame
    #0 0x516c1f in stricomp /f/unrar-gpl/unrar/src/unrarlib.c:844

  This frame has 2 object(s):
    [32, 544) 'S1'
    [608, 1120) 'S2' <== Memory access at offset 544 partially
    underflows this variable

Regards,
Salvatore

unrar-gpl-stack-overread.rar
Description: application/rar

--- End Message ---

--- Begin Message ---

Source: unrar-free
Source-Version: 1:0.0.1+cvs20140707-4

We believe that the bug you reported is fixed in the latest version of
unrar-free, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 874...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ying-Chun Liu (PaulLiu) <paul...@debian.org> (supplier of updated unrar-free 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 16 Oct 2017 00:46:04 +0800
Source: unrar-free
Binary: unrar-free
Architecture: source amd64
Version: 1:0.0.1+cvs20140707-4
Distribution: unstable
Urgency: low
Maintainer: Ying-Chun Liu (PaulLiu) <paul...@debian.org>
Changed-By: Ying-Chun Liu (PaulLiu) <paul...@debian.org>
Description:
 unrar-free - Unarchiver for .rar files
Closes: 724295 874060 874061
Changes:
 unrar-free (1:0.0.1+cvs20140707-4) unstable; urgency=low
 .
   * Fix CVE-2017-14122 (Closes: #874060)
     - debian/patches/0002-CVE-2017-14122.patch
   * Add autopkgtest for testing CVE-2017-14122
   * Fix CVE-2017-14121 (Closes: #874061)
     - debian/patches/0003-CVE-2017-14121.patch
   * Add autopkgtest for testing CVE-2017-14121
   * Fix compatibility for -y option (Closes: #724295)
     - debian/patches/0004-unrar-nonfree-compat-ignored-options.patch
     - Thanks to Dominik George <n...@naturalnet.de>
   * Bump Standards-Version to 4.1.1: Nothing needs to be changed
Checksums-Sha1:
 ee918fcd8e93bbd251b9ff3a58ec555c3c4840f4 1994 
unrar-free_0.0.1+cvs20140707-4.dsc
 b20bba1496e45edbd5668b4c30916e61c91bffe8 8016 
unrar-free_0.0.1+cvs20140707-4.debian.tar.xz
 0e31a6b1a90aa3723e7d8474e05e56f416299be6 38966 
unrar-free-dbgsym_0.0.1+cvs20140707-4_amd64.deb
 94ded45816828c4c96cab5c51a1b751278d5ed7b 6264 
unrar-free_0.0.1+cvs20140707-4_amd64.buildinfo
 ce388783311931beae64536f193b4c1674939454 25132 
unrar-free_0.0.1+cvs20140707-4_amd64.deb
Checksums-Sha256:
 6424e3673e8306e623da65b7562c4fbb5cb4ab45756d4a1b690ded3b955813d4 1994 
unrar-free_0.0.1+cvs20140707-4.dsc
 4727e63baed3d254d80be9fe6dc77791d1d16dadc31110004d0ee9b74fda097e 8016 
unrar-free_0.0.1+cvs20140707-4.debian.tar.xz
 a5a0ac29d95c28fb035bde6bc675727290d2afca01aeb95372b5cdecb0f0a937 38966 
unrar-free-dbgsym_0.0.1+cvs20140707-4_amd64.deb
 ea5b558efd8f8f53abf4938634404d89b315474eca582fcd049e42ecec74e11b 6264 
unrar-free_0.0.1+cvs20140707-4_amd64.buildinfo
 8b2113d348e065ce71cffab1e15d86102d242efd082d692a9818914d9f8ca36b 25132 
unrar-free_0.0.1+cvs20140707-4_amd64.deb
Files:
 4523caa1dc452616bcd4a74e5ec7475c 1994 utils optional 
unrar-free_0.0.1+cvs20140707-4.dsc
 52ca7a540d24eb54b6468c5bf56c475e 8016 utils optional 
unrar-free_0.0.1+cvs20140707-4.debian.tar.xz
 62e251264613e0feaed10e328f606d63 38966 debug optional 
unrar-free-dbgsym_0.0.1+cvs20140707-4_amd64.deb
 4f40fd721844bb0431980599af9182ca 6264 utils optional 
unrar-free_0.0.1+cvs20140707-4_amd64.buildinfo
 9d31bb0d4d714a8e2fb25bc01fd25f6f 25132 utils optional 
unrar-free_0.0.1+cvs20140707-4_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCgAxFiEEo2h49GQQhoFgDLZIRBc/oT0FiIgFAlnjlPgTHHBhdWxsaXVA
ZGViaWFuLm9yZwAKCRBEFz+hPQWIiP9WEACxXokNhO2ES/x0wwCQtsHLuRwt9yeA
xNApQyBaW1g8H76IP5d8UI+W2YBlINVQCaR6dVitaKN/VrNevF/XxAvN9WHWcF2/
rShoFnPCG/6IGldL1jzfH7hUku3VnZcHUuIDABwuej8GPxWxVEBRlHpbwul2oPjR
UMKJYrZ72pH9EHmyYY4MHC0tR697M4/O37AUwBrP+WvTW5auPFIMMjXTa4gJLB+Z
Vx7tID01rWE40bYXG4GFTJtKKXU2isR2MEnb2mOEfgg5AZrruuTfVRjotz5VL35f
lHh5GK9hve8aQG/ZXkuZV7wogweAwPV9FoBwiaURS8W+oUkD5shNSV8JVIL1hD8K
QEe6p0EoVwWd6jklIKJ/UrHybjCd5Yqrmf8NZeGnqFwjt+ophvN16wl+1Bfw4rCh
7C27KYG6smFEn6nnV3BWyGA6z/NdpLukzJbXwD4yOVJLQWoWt5VjZUP/m5dRiSOx
5Ft4FhYGiY4XplHVyLZFG30Oy56rvBxiwBSB+UBhI07aVonkb2LEwzILnmJZLVuy
S2d8LZDC19DSXwCmJ7XbrX3m7Am4HCZIIBmvmXFVhN0BNwQ2f7D5FCJLn0Uc/S/v
5vQaapM3Zn/Wzv4Ed43IuWVE4hf0IMjZzp1rFgkugTkM2fWSGWCjB+l4YnmpaeNr
7HO3S9hjXxWMPQ==
=BgoE
-----END PGP SIGNATURE-----

--- End Message ---

Bug#874060: marked as done (unrar-free: CVE-2017-14122: stack overread vulnerability)

Reply via email to