Your message dated Sun, 21 Apr 2024 19:24:53 +0000
with message-id <e1ryco1-000e6v...@fasolo.debian.org>
and subject line Bug#1068818: fixed in sngrep 1.8.1-1
has caused the Debian Bug report #1068818,
regarding sngrep: CVE-2024-3119 CVE-2024-3120
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1068818: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068818
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sngrep
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for sngrep.

CVE-2024-3119[0]:
| A buffer overflow vulnerability exists in all versions of sngrep
| since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID'
| SIP headers. The functions sip_get_callid and sip_get_xcallid in
| sip.c use the strncpy function to copy header contents into fixed-
| size buffers without checking the data length. This flaw allows
| remote attackers to execute arbitrary code or cause a denial of
| service (DoS) through specially crafted SIP messages.

https://github.com/irontec/sngrep/commit/dd5fec92730562af6f96891291cd4e102b80bfcc (v1.8.1)

CVE-2024-3120[1]:
| A stack-buffer overflow vulnerability exists in all versions of
| sngrep since v1.4.1. The flaw is due to inadequate bounds checking
| when copying 'Content-Length' and 'Warning' headers into fixed-size
| buffers in the sip_validate_packet and sip_parse_extra_headers
| functions within src/sip.c. This vulnerability allows remote
| attackers to execute arbitrary code or cause a denial of service
| (DoS) via crafted SIP messages.

https://github.com/irontec/sngrep/commit/f3f8ed8ef38748e6d61044b39b0dabd7e37c6809 (v1.8.1)

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-3119
    https://www.cve.org/CVERecord?id=CVE-2024-3119
[1] https://security-tracker.debian.org/tracker/CVE-2024-3120
    https://www.cve.org/CVERecord?id=CVE-2024-3120

Please adjust the affected versions in the BTS as needed.

--- End Message ---
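As an added example (not sngrep's code and not taken from the commits linked above), this is the bounded header copy the two CVE descriptions call for: the value length is checked against the destination buffer before the copy, and an oversized or absent header is rejected instead of overrunning the buffer. The buffer size, the Content-Length parser and the sample message are assumptions for illustration.

```c
#include <stdlib.h>
#include <string.h>
#include <strings.h>

#define CALLID_MAX 256   /* illustrative fixed-buffer size, an assumption */

/* Copy the value of the first header called `name` into `out`.
 * Returns the value length, -1 if the header is absent, or -2 if the
 * value (plus NUL) does not fit: that check is what the CVEs lacked. */
static int sip_header_copy(const char *msg, const char *name,
                           char *out, size_t outsz)
{
    size_t nlen = strlen(name);
    const char *p = msg;
    while (*p) {
        /* header names are case-insensitive (RFC 3261 section 7.3.1) */
        if (strncasecmp(p, name, nlen) == 0 && p[nlen] == ':') {
            const char *v = p + nlen + 1;
            while (*v == ' ' || *v == '\t') v++;
            const char *e = v;
            while (*e && *e != '\r' && *e != '\n') e++;
            size_t vlen = (size_t)(e - v);
            while (vlen > 0 && (v[vlen - 1] == ' ' || v[vlen - 1] == '\t'))
                vlen--;
            if (vlen >= outsz) return -2;   /* bounded by the destination */
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return (int)vlen;
        }
        p = strchr(p, '\n');   /* advance to the next header line */
        if (!p) break;
        p++;
    }
    return -1;
}

/* Content-Length: parse through a small fixed buffer; reject anything
 * that is absent, too long for the buffer, or not a plain decimal. */
static long sip_content_length(const char *msg)
{
    char buf[16];
    char *end;
    if (sip_header_copy(msg, "Content-Length", buf, sizeof buf) <= 0)
        return -1;
    long n = strtol(buf, &end, 10);
    if (*end != '\0' || n < 0) return -1;
    return n;
}
```

A caller that gets -2 should drop the message (and, in a capture tool, log the oversized header) rather than fall back to a truncating copy that silently changes the Call-ID.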
--- Begin Message ---
Source: sngrep
Source-Version: 1.8.1-1
Done: Victor Seva <vs...@debian.org>

We believe that the bug you reported is fixed in the latest version of
sngrep, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1068...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Victor Seva <vs...@debian.org> (supplier of updated sngrep package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)



Format: 1.8
Date: Sun, 21 Apr 2024 21:00:43 +0200
Source: sngrep
Architecture: source
Version: 1.8.1-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintain...@lists.alioth.debian.org>
Changed-By: Victor Seva <vs...@debian.org>
Closes: 1068818
Changes:
 sngrep (1.8.1-1) unstable; urgency=high
 .
   * New upstream version 1.8.1
   * fixes for CVE-2024-3119 and CVE-2024-3120 (Closes: #1068818)



--- End Message ---
