Your message dated Mon, 08 Jul 2019 10:09:01 +0000
with message-id <[email protected]>
and subject line Bug#929726: fixed in systemd 241-6
has caused the Debian Bug report #929726,
regarding ask-password: prevent buffer overrow when reading from keyring
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
929726: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929726
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: systemd
Version: 241-5
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu eoan ubuntu-patch
Dear Maintainer,
When we read from keyring, a temporary buffer is allocated in order to
determine the size needed for the entire data. However, when zeroing that area,
we use the data size returned by the read instead of the lesser size allocate
for the buffer.
That will cause memory corruption that causes systemd-cryptsetup to crash
either when a single large password is used or when multiple passwords have
already been pushed to the keyring
* d/p/ask-password-prevent-buffer-overrow-when-reading-fro.patch:
- prevent buffer overflow when reading keyring (LP: #1814373)
Thanks for considering the patch.
-- System Information:
Debian Release: buster/sid
APT prefers disco-updates
APT policy: (500, 'disco-updates'), (500, 'disco-security'), (500, 'disco'),
(100, 'disco-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.0.0-13-generic (SMP w/24 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages systemd is related to:
pn dracut <none>
ii initramfs-tools 0.131ubuntu19
ii udev 240-6ubuntu5
diff -Nru
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
---
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
1969-12-31 19:00:00.000000000 -0500
+++
systemd-241/debian/patches/ask-password-prevent-buffer-overrow-when-reading-fro.patch
2019-05-29 11:44:09.000000000 -0400
@@ -0,0 +1,35 @@
+From 59c55e73eaee345e1ee67c23eace8895ed499693 Mon Sep 17 00:00:00 2001
+From: Thadeu Lima de Souza Cascardo <[email protected]>
+Date: Mon, 13 May 2019 16:58:01 -0300
+Subject: [PATCH] ask-password: prevent buffer overrow when reading from
+ keyring
+
+When we read from keyring, a temporary buffer is allocated in order to
+determine the size needed for the entire data. However, when zeroing that area,
+we use the data size returned by the read instead of the lesser size allocate
+for the buffer.
+
+That will cause memory corruption that causes systemd-cryptsetup to crash
+either when a single large password is used or when multiple passwords have
+already been pushed to the keyring.
+
+Signed-off-by: Thadeu Lima de Souza Cascardo <[email protected]>
+
+Origin: upstream,
https://github.com/systemd/systemd/commit/59c55e73eaee345e1ee67c23eace8895ed499693
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1814373
+
+---
+ src/shared/ask-password-api.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/shared/ask-password-api.c
++++ b/src/shared/ask-password-api.c
+@@ -81,7 +81,7 @@
+ if (n < m)
+ break;
+
+- explicit_bzero_safe(p, n);
++ explicit_bzero_safe(p, m);
+ free(p);
+ m *= 2;
+ }
diff -Nru systemd-241/debian/patches/series systemd-241/debian/patches/series
--- systemd-241/debian/patches/series 2019-05-24 16:58:59.000000000 -0400
+++ systemd-241/debian/patches/series 2019-05-29 11:44:29.000000000 -0400
@@ -35,3 +35,4 @@
debian/Let-graphical-session-pre.target-be-manually-started.patch
debian/Add-env-variable-for-machine-ID-path.patch
debian/Drop-seccomp-system-call-filter-for-udev.patch
+ask-password-prevent-buffer-overrow-when-reading-fro.patch
--- End Message ---
--- Begin Message ---
Source: systemd
Source-Version: 241-6
We believe that the bug you reported is fixed in the latest version of
systemd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Biebl <[email protected]> (supplier of updated systemd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 08 Jul 2019 11:27:51 +0200
Source: systemd
Architecture: source
Version: 241-6
Distribution: unstable
Urgency: medium
Maintainer: Debian systemd Maintainers
<[email protected]>
Changed-By: Michael Biebl <[email protected]>
Closes: 927911 929469 929726
Changes:
systemd (241-6) unstable; urgency=medium
.
* ask-password: Prevent buffer overflow when reading from keyring.
Fixes a possible memory corruption that causes systemd-cryptsetup to
crash either when a single large password is used or when multiple
passwords have already been pushed to the keyring. (Closes: #929726)
* Clarify documentation regarding %h/%u/%U specifiers.
Make it clear, that setting "User=" has no effect on those specifiers.
Also ensure that "%h" is actually resolved to "/root" for the system
manager instance as documented in the systemd.unit man page.
(Closes: #927911)
* network: Behave more gracefully when IPv6 has been disabled.
Ignore any configured IPv6 settings when IPv6 has been disabled in the
kernel via sysctl. Instead of failing completely, continue and log a
warning instead. (Closes: #929469)
Checksums-Sha1:
fa3735244f7e4455a00be74820773dd9ec2f5316 4914 systemd_241-6.dsc
0fb72a47bdb4f8a36ca36a2e2828384b8ff79689 159868 systemd_241-6.debian.tar.xz
01e1790c38bb792c8ae4315a134525cd99eb294c 9378 systemd_241-6_source.buildinfo
Checksums-Sha256:
fbd9a2634fc785bacb16b14eb1a7a63643acf8f5eefc1786bc67e86cf6ed9e0d 4914
systemd_241-6.dsc
a26a3bde0acb88157864ba47cf40f37182aa04f7b09c44e8ec06a58df78aaa2b 159868
systemd_241-6.debian.tar.xz
e64123e90b525ebc115ad8c903bc69d4d760ee36202b36cc94e4878588cd74f1 9378
systemd_241-6_source.buildinfo
Files:
30138b43978a127d4f465f2d7475c0fb 4914 admin optional systemd_241-6.dsc
42c1df3e2e0eae1d2780fbbd64dc6ecc 159868 admin optional
systemd_241-6.debian.tar.xz
a1c4f4b7505bccda394ec85376120a21 9378 admin optional
systemd_241-6_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEECbOsLssWnJBDRcxUauHfDWCPItwFAl0jDe8ACgkQauHfDWCP
ItwpUw//YJ8UtCIQGlklUpVYZ3HYOECb3JyQgWTbFXX5vlwKW3q4qtbpF1hnipMB
yWwGcnQwDGjU7GaQ2Pucrv8X42Myi41EZx6+QOKmYkzw3OgH/sT+Pd+V1fYxqdR5
LxSEVX6JLumEUuRuvJDO48vY6gTmAuav8WZTZSv9RFsos+HP8DU+tTjGQFDvna1O
X/nleLos7qNvFk4jzkUVXClkeObEb4XSUvxfLo9W4URIwP7+NwE/cjUR2hfUqDva
VbH/xxK54DkZbqBqRO3SqLMlkreDURKkIYqGOYKiyrrCY19ui9QMwLdQ8LZdXWIX
f6x814dUTdS1ZFHp5NbwKxGn2mI/JjxRkav94hASu5gEPi6NpYvj7QO1KOt6IgFf
JEhISFvYMGthc+noBtgvW/ZoA4sJV+5F54lt70Ww9/t7f6JWR9Hg2R6r2w67iKqY
R46DgsCi84s/G05KCzxXc45e3P8L4P3FAOj/ktnHTJsR+gGZw8TVSI2aqrPuFtFQ
wDWKdQOD29JRyALTdj0/YsbAWB9C8mU+NQFDHtBvM8cbHdKQPDwxRZ45zVltukt+
Ru7ZGqpbPYWx4GEW6iAVmBslj61e0bxJaMJFNAKNSqhHwfhkj9g0rUEF9d/ZMshU
+rc+DsMftz4rbcyTolEN8f3qHMnHmeP4t0UERao4t95MQFZKW+I=
=eez9
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Pkg-systemd-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
