I just had a look at CVE-2016-6830.

https://security-tracker.debian.org/tracker/CVE-2016-6830
refers to:
http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html

Which has the following text:

"A fix has been implemented in master d866ac1 and chicken-5 c598381. The patch for master can be found at http://lists.nongnu.org/archive/html/chicken-hackers/2016-07/msg00049.html"

The referenced commits are:

⌁ [brian:~/tree … n/debian-lts/wheezy/chicken/chicken-core] master ± git show c598381
commit c5983812188d01daeaa9bc64e7306f2a34a9f207
Author: Evan Hanson <[email protected]>
Date: Fri Aug 12 17:47:58 2016 +1200

    Preserve spawnvp[e] return value in process-spawn

diff --git a/posixwin.scm b/posixwin.scm index 89edd82..302a91b 100644 --- a/posixwin.scm +++ b/posixwin.scm @@ -1173,7 +1173,8 @@ EOF (##core#inline "C_u_i_spawnvpe" mode prg argbuf envbuf) (##core#inline "C_u_i_spawnvp" mode prg argbuf)))) (when (fx= r -1) - (posix-error #:process-error 'process-spawn "cannot spawn process" filename))))))) + (posix-error #:process-error 'process-spawn "cannot spawn process" filename)) + r))))) (define-foreign-variable _shlcmd c-string "C_shlcmd")

⌁ [brian:~/tree … n/debian-lts/wheezy/chicken/chicken-core] master ± git show d866ac1
commit d866ac1962d9d73e652c8efaa54685238c3ec780
Author: Evan Hanson <[email protected]>
Date: Fri Aug 12 17:47:58 2016 +1200

    Preserve spawnvp[e] return value in process-spawn

diff --git a/posixwin.scm b/posixwin.scm index 194889e..cfca11c 100644 --- a/posixwin.scm +++ b/posixwin.scm 
@@ -1166,7 +1166,8 @@ EOF (##core#inline "C_u_i_spawnvpe" mode prg argbuf envbuf) (##core#inline "C_u_i_spawnvp" mode prg argbuf)))) (when (fx= r -1) - (posix-error #:process-error 'process-spawn "cannot spawn process" filename))))))) + (posix-error #:process-error 'process-spawn "cannot spawn process" filename)) + r))))) (define-foreign-variable _shlcmd c-string "C_shlcmd")

I am not convinced these commits fix this security issue. Please tell me I am wrong, they look like they would be very simple to apply to wheezy...

The referenced mailing list post:
http://lists.nongnu.org/archive/html/chicken-hackers/2016-07/msg00049.html
contains a more complicated patch:

 NEWS                    |   6 ++
 manual/Acknowledgements |  44 +++++++-------
 posix-common.scm        |  65 +++++++++++++++++++-
 posixunix.scm           |  83 ++++---------------------
 posixwin.scm            | 158 +++++++++++++++---------------------------------
 5 files changed, 154 insertions(+), 202 deletions(-)

It looks like this patch involves refactoring of the code, which is going to make it more complicated to apply to the wheezy version.

-- 
Brian May <[email protected]>
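
Review bot: the commit message does not say which earlier change dropped the return value that the new trailing `r` in process-spawn (posixwin.scm, same hunk in c598381 and d866ac1) puts back after the `(when (fx= r -1) ...)` check, and it should name it. The only lines changed are the closing of the `posix-error` call and the added `r`. The `argbuf` and `envbuf` arguments to C_u_i_spawnvpe and C_u_i_spawnvp are unchanged context, so nothing visible here alters how those buffers are built or bounded. A test asserting the value returned by a successful spawn would keep this from regressing again.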
