Your message dated Sun, 15 Feb 2015 15:54:56 +0000
with message-id <[email protected]>
and subject line Re: Bug#778475: unblock: librcsb-core-wrapper/1.005-3
has caused the Debian Bug report #778475,
regarding unblock: librcsb-core-wrapper/1.005-3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
778475: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778475
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package librcsb-core-wrapper
A security problem was reported (#778397) against this package which is
fixed by this upload (see debdiff).
Thanks for your work on the Debian release
Andreas.
unblock librcsb-core-wrapper/1.005-3
-- System Information:
Debian Release: 7.8
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru librcsb-core-wrapper-1.005/debian/changelog librcsb-core-wrapper-1.005/debian/changelog
--- librcsb-core-wrapper-1.005/debian/changelog 2014-09-18 21:53:44.000000000 +0200
+++ librcsb-core-wrapper-1.005/debian/changelog 2015-02-14 18:08:44.000000000 +0100
@@ -1,3 +1,11 @@
+librcsb-core-wrapper (1.005-3) unstable; urgency=medium
+
+ * Patch for Henry Spencer regular expressions (regex) library contains
+ a heap overflow vulnerability
+ Closes: #778397
+
+ -- Andreas Tille <[email protected]> Sat, 14 Feb 2015 17:56:49 +0100
+
librcsb-core-wrapper (1.005-2) unstable; urgency=medium
* Added libtool-bin as a build-dep (Closes: #761768).
diff -Nru librcsb-core-wrapper-1.005/debian/patches/regcomp_cert_fix.patch librcsb-core-wrapper-1.005/debian/patches/regcomp_cert_fix.patch
--- librcsb-core-wrapper-1.005/debian/patches/regcomp_cert_fix.patch 1970-01-01 01:00:00.000000000 +0100
+++ librcsb-core-wrapper-1.005/debian/patches/regcomp_cert_fix.patch 2015-02-14 18:07:41.000000000 +0100
@@ -0,0 +1,43 @@
+Author: Andreas Tille <[email protected]>
+Last-Update: Sat, 14 Feb 2015 17:51:06 +0100
+Origin: https://gitweb.dragonflybsd.org/dragonfly.git/blobdiff_plain/4d133046c59a851141519d03553a70e903b3eefc..2841837793bd095a82f477e9c370cfe6cfb3862c:/lib/libc/regex/regcomp.c
+Bug-Debian: http://bugs.debian.org/778397
+Forwarded: [email protected], Vladimir Guranovic <[email protected]>
+Description: Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability
+ This patch adapts the patch found at Origin (see above) to the
+ regex code found in librcsb-core-wrapper.
+
+--- librcsb-core-wrapper-1.005.orig/regex/src/regcomp.c
++++ librcsb-core-wrapper-1.005/regex/src/regcomp.c
+@@ -93,6 +93,7 @@ int cflags;
+ register struct parse *p = &pa;
+ register int i;
+ register size_t len;
++ register size_t maxlen;
+ #ifdef REDEBUG
+ # define GOODFLAGS(f) (f)
+ #else
+@@ -115,7 +116,23 @@ int cflags;
+ (NC-1)*sizeof(cat_t));
+ if (g == NULL)
+ return(REG_ESPACE);
++ /*
++ * Limit the pattern space to avoid a 32-bit overflow on buffer
++ * extension. Also avoid any signed overflow in case of conversion
++ * so make the real limit based on a 31-bit overflow.
++ *
++ * Likely not applicable on 64-bit systems but handle the case
++ * generically (who are we to stop people from using ~715MB+
++ * patterns?).
++ */
++ maxlen = ((size_t)-1 >> 1) / sizeof(sop) * 2 / 3;
++ if (len >= maxlen) {
++ free((char *)g);
++ return(REG_ESPACE);
++ }
+ p->ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */
++ assert(p->ssize >= len);
++
+ p->strip = (sop *)malloc(p->ssize * sizeof(sop));
+ p->slen = 0;
+ if (p->strip == NULL) {
diff -Nru librcsb-core-wrapper-1.005/debian/patches/series librcsb-core-wrapper-1.005/debian/patches/series
--- librcsb-core-wrapper-1.005/debian/patches/series 2014-09-18 21:11:53.000000000 +0200
+++ librcsb-core-wrapper-1.005/debian/patches/series 2015-02-14 17:44:47.000000000 +0100
@@ -11,3 +11,4 @@
spelling
exit-in-shlib
make_test_target
+regcomp_cert_fix.patch
--- End Message ---
--- Begin Message ---
On Sun, 2015-02-15 at 16:31 +0100, Andreas Tille wrote:
> Please unblock package librcsb-core-wrapper
>
> A security problem was reported (#778397) against this package which is
> fixed by this upload (see debdiff).
Unblocked.
Regards,
Adam
--- End Message ---
