Your message dated Sat, 09 Dec 2023 10:20:37 +0000
with message-id
<83d3a3621a56b9af1e20d36ee9d390a46ab64a8a.ca...@adam-barratt.org.uk>
and subject line Closing requests for updates included in 12.3 point release
has caused the Debian Bug report #1055350,
regarding bookworm-pu: package exfatprogs/1.2.0-1+deb12u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1055350: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055350
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
User: [email protected]
Usertags: pu
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:exfatprogs
[ Reason ]
https://security-tracker.debian.org/tracker/CVE-2023-45897
Low priority security issue, out-of-bounds memory access
in the exFAT fsck utility exfat2img helper.
[ Impact ]
Low priority security issue is fixed.
[ Tests ]
Manual tests performed that affected tools still work.
[ Risks ]
-
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
Adds a patch bundling the three upstream commits
which are referenced together with the CVE ID.
gbp.conf and Vcs-Git reference the bookworm branch
[ Other info ]
There wasn't a bug filed for this CVE in the BTS.
The regular upload of 1.2.2 to unstable fixed the
issue before the CVE ID was published, so there
is not yet a CVE ID mentioned in the unstable
changelog.
diff -Nru exfatprogs-1.2.0/debian/changelog exfatprogs-1.2.0/debian/changelog
--- exfatprogs-1.2.0/debian/changelog 2022-10-28 14:48:05.000000000 +0200
+++ exfatprogs-1.2.0/debian/changelog 2023-11-04 17:56:01.000000000 +0100
@@ -1,3 +1,11 @@
+exfatprogs (1.2.0-1+deb12u1) bookworm; urgency=medium
+
+ * CVE-2023-45897 Add
debian/patches/CVE-2023-45897-out-of-bounds-memory-access
+ to fix three out-of-bounds memory access issues.
+ * Add bookworm branch information to Vcs-Git and gbp.conf.
+
+ -- Sven Hoexter <[email protected]> Sat, 04 Nov 2023 17:56:01 +0100
+
exfatprogs (1.2.0-1) unstable; urgency=medium
* New upstream release.
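Review bot: the new changelog entry names the patch file and "three out-of-bounds memory access issues" but not which tools are affected; since no BTS bug exists for this CVE (per [ Other info ]), this entry is the only user-facing record, so consider naming the affected programs from the patch's Index lines (fsck.exfat and exfat2img), e.g. "* CVE-2023-45897: fix out-of-bounds memory access in fsck.exfat and exfat2img (three upstream commits)".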
diff -Nru exfatprogs-1.2.0/debian/control exfatprogs-1.2.0/debian/control
--- exfatprogs-1.2.0/debian/control 2022-10-28 14:47:18.000000000 +0200
+++ exfatprogs-1.2.0/debian/control 2023-11-04 17:38:34.000000000 +0100
@@ -6,7 +6,7 @@
Standards-Version: 4.6.1
Rules-Requires-Root: no
Homepage: https://github.com/exfatprogs/exfatprogs
-Vcs-Git: https://git.sven.stormbind.net/exfatprogs.git
+Vcs-Git: https://git.sven.stormbind.net/exfatprogs.git -b bookworm
Vcs-Browser: https://git.sven.stormbind.net/?p=sven/exfatprogs.git
Package: exfatprogs
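Review bot: Vcs-Git now carries `-b bookworm` but the Vcs-Browser URL on the following line still points at the repository root; if the gitweb instance can link a branch view, pointing it at the bookworm branch too would keep the two fields consistent for anyone following the link from the tracker.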
diff -Nru exfatprogs-1.2.0/debian/gbp.conf exfatprogs-1.2.0/debian/gbp.conf
--- exfatprogs-1.2.0/debian/gbp.conf 2022-10-28 14:19:18.000000000 +0200
+++ exfatprogs-1.2.0/debian/gbp.conf 2023-11-04 16:39:40.000000000 +0100
@@ -1,2 +1,3 @@
[DEFAULT]
pristine-tar = True
+debian-branch = bookworm
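Review bot: `debian-branch = bookworm` pairs correctly with the `-b bookworm` added to Vcs-Git in debian/control, so gbp and the Vcs field name the same branch; nothing else in the file needs to change since `pristine-tar = True` is unaffected by the branch setting.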
diff -Nru
exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access
exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access
--- exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access
1970-01-01 01:00:00.000000000 +0100
+++ exfatprogs-1.2.0/debian/patches/CVE-2023-45897-out-of-bounds-memory-access
2023-11-04 16:39:40.000000000 +0100
@@ -0,0 +1,67 @@
+Description: CVE-2023-45897 out-of-bounds memory access
+Origin:
https://github.com/exfatprogs/exfatprogs/commit/ec78688e5fb5a70e13df82b4c0da1e6228d3ccdf
+
https://github.com/exfatprogs/exfatprogs/commit/22d0e43e8d24119cbfc6efafabb0dec6517a86c4
+
https://github.com/exfatprogs/exfatprogs/commit/4abc55e976573991e6a1117bb2b3711e59da07ae
+Last-Update: 2023-10-31
+Index: exfatprogs/exfat2img/exfat2img.c
+===================================================================
+--- exfatprogs.orig/exfat2img/exfat2img.c
++++ exfatprogs/exfat2img/exfat2img.c
+@@ -319,7 +319,7 @@ static int read_file_dentry_set(struct e
+ if (!node)
+ return -ENOMEM;
+
+- for (i = 2; i <= file_de->file_num_ext; i++) {
++ for (i = 2; i <= MIN(file_de->file_num_ext, 1 + MAX_NAME_DENTRIES);
i++) {
+ ret = exfat_de_iter_get(iter, i, &dentry);
+ if (ret || dentry->type != EXFAT_NAME)
+ break;
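Review bot: the new bound `MIN(file_de->file_num_ext, 1 + MAX_NAME_DENTRIES)` is the actual fix here: an on-disk file dentry whose `file_num_ext` claims more secondaries than one stream dentry plus the 17 name dentries a maximal name needs can no longer drive `i` past the name storage this loop fills, which matches the CVE description above. Two points: the magic `1 +` (the stream extension dentry at index 1) deserves a short comment, and when `file_num_ext` exceeds the cap the loop now ends silently rather than flagging the inconsistent count, which is acceptable for an image dumper but worth a note. Also confirm `MIN` is provided by a header exfat2img.c already includes, as nothing in this hunk adds one.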
+Index: exfatprogs/fsck/fsck.c
+===================================================================
+--- exfatprogs.orig/fsck/fsck.c
++++ exfatprogs/fsck/fsck.c
+@@ -769,7 +769,7 @@ ask_again:
+ char *rename = NULL;
+ __u16 hash;
+ struct exfat_dentry *stream_de;
+- int name_len, ret;
++ int ret;
+
+ switch (num) {
+ case 1:
+@@ -798,11 +798,11 @@ ask_again:
+ if (ret < 0)
+ return ret;
+
++ ret >>=1;
+ memcpy(dentry->name_unicode, utf16_name, ENTRY_NAME_MAX * 2);
+- name_len = exfat_utf16_len(utf16_name, ENTRY_NAME_MAX * 2);
+- hash = exfat_calc_name_hash(iter->exfat, utf16_name,
(int)name_len);
++ hash = exfat_calc_name_hash(iter->exfat, utf16_name, ret);
+ exfat_de_iter_get_dirty(iter, 1, &stream_de);
+- stream_de->stream_name_len = (__u8)name_len;
++ stream_de->stream_name_len = (__u8)ret;
+ stream_de->stream_name_hash = cpu_to_le16(hash);
+ }
+
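Review bot: `ret >>=1;` needs both spacing (`ret >>= 1;`) and a comment, because it silently relies on the conversion call just above this hunk returning the encoded name length in bytes; halving it yields the UTF-16 unit count that `exfat_calc_name_hash()` and `stream_name_len` expect. Taking the length from the encoder's return instead of re-scanning `utf16_name` with `exfat_utf16_len()` means the length is bounded by what was actually written into the buffer, which is the point of the change. Reusing `ret` as both the status value checked with `< 0` and the length is terse; a local such as `name_len` (the variable the previous hunk removed) assigned from `ret >> 1` would read more clearly and keep the `(__u8)` cast on an obviously non-negative value.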
+@@ -856,7 +856,7 @@ static int read_file_dentry_set(struct e
+ if (!node)
+ return -ENOMEM;
+
+- for (i = 2; i <= file_de->file_num_ext; i++) {
++ for (i = 2; i <= MIN(file_de->file_num_ext, 1 + MAX_NAME_DENTRIES);
i++) {
+ ret = exfat_de_iter_get(iter, i, &dentry);
+ if (ret || dentry->type != EXFAT_NAME) {
+ if (i > 2 && repair_file_ask(iter, NULL, ER_DE_NAME,
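Review bot: same bound as in exfat2img, but here the `repair_file_ask(iter, NULL, ER_DE_NAME, ...)` path is only reached from the `if (ret || dentry->type != EXFAT_NAME)` branch; when `file_num_ext` exceeds `1 + MAX_NAME_DENTRIES` the loop now exits normally at the cap, so the oversized count is never offered for repair and remains on disk. Consider an explicit check before the loop, e.g. treating `file_de->file_num_ext > 1 + MAX_NAME_DENTRIES` as a repairable error, so fsck both stays in bounds and corrects the dentry set.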
+Index: exfatprogs/include/exfat_ondisk.h
+===================================================================
+--- exfatprogs.orig/include/exfat_ondisk.h
++++ exfatprogs/include/exfat_ondisk.h
+@@ -40,6 +40,7 @@
+ /* exFAT allows 8388608(256MB) directory entries */
+ #define MAX_EXFAT_DENTRIES 8388608
+ #define MIN_FILE_DENTRIES 3
++#define MAX_NAME_DENTRIES 17
+
+ /* dentry types */
+ #define MSDOS_DELETED 0xE5 /* deleted mark */
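Review bot: `#define MAX_NAME_DENTRIES 17` deserves the same kind of comment as `MAX_EXFAT_DENTRIES` two lines above it, e.g. `/* 17 name dentries * 15 UTF-16 units = 255, the exFAT name length limit */`, since the `1 + MAX_NAME_DENTRIES` bounds added in fsck.c and exfat2img.c depend on this value matching the size of the name buffers they fill.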
diff -Nru exfatprogs-1.2.0/debian/patches/series
exfatprogs-1.2.0/debian/patches/series
--- exfatprogs-1.2.0/debian/patches/series 1970-01-01 01:00:00.000000000
+0100
+++ exfatprogs-1.2.0/debian/patches/series 2023-11-04 16:39:40.000000000
+0100
@@ -0,0 +1 @@
+CVE-2023-45897-out-of-bounds-memory-access
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 12.3
Hi,
Each of the updates discussed in these requests was included in this
morning's 12.3 bookworm point release.
Regards,
Adam
--- End Message ---