Your message dated Tue, 10 Jan 2023 09:04:19 +0000
with message-id <e1pfayn-00h7ne...@fasolo.debian.org>
and subject line Bug#984938: fixed in avahi 0.8-7
has caused the Debian Bug report #984938,
regarding avahi: CVE-2021-3468: local DoS by event-busy-loop from writing long 
lines to /run/avahi-daemon/socket
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
984938: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: avahi-daemon
Version: 0.7-4+b1
Severity: important
Tags: security

Dear Maintainers,

I found a local denial-of-service vulnerability in avahi-daemon. It can
be triggered by writing long lines to /run/avahi-daemon/socket and
results in an unresponsive busy-loop of the daemon.

Steps to reproduce:
  $ perl -e '$|=1; print "a"x(20*1024+1); sleep 1;' | socat - /run/avahi-daemon/socket
  $ top
  --> check that avahi-daemon uses 100% CPU, does not react to any valid
requests anymore (at least not using that socket) and does not react to
SIGTERM.

Note that every local user has access to the socket.
Note that in [1], function "client_work()", the code reacts to the
filling of its input buffer with disabling the io-watcher, so the
io-watcher itself must be at fault (though this specific problem could
be fixed in that function by just dropping the whole connection the
moment the buffer fills up).

[1]
https://github.com/lathiat/avahi/blob/master/avahi-daemon/simple-protocol.c


Yours
Thomas Kremer


-- System Information:
Debian Release: 10.8
  APT prefers stable
  APT policy: (700, 'stable'), (500, 'oldoldstable'), (500,
'oldstable'), (450, 'testing'), (400, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN,
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages avahi-daemon depends on:
ii  adduser            3.118
ii  bind9-host [host]  1:9.11.5.P4+dfsg-5.1+deb10u3
ii  dbus               1.12.20-0+deb10u1
ii  libavahi-common3   0.7-4+b1
ii  libavahi-core7     0.7-4+b1
ii  libc6              2.28-10
ii  libcap2            1:2.25-2
ii  libdaemon0         0.14-7
ii  libdbus-1-3        1.12.20-0+deb10u1
ii  libexpat1          2.2.6-2+deb10u1
ii  lsb-base           10.2019051400

Versions of packages avahi-daemon recommends:
ii  libnss-mdns  0.14.1-1

Versions of packages avahi-daemon suggests:
pn  avahi-autoipd  <none>

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: avahi
Source-Version: 0.8-7
Done: Michael Biebl <bi...@debian.org>

We believe that the bug you reported is fixed in the latest version of
avahi, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 984...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Biebl <bi...@debian.org> (supplier of updated avahi package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 10 Jan 2023 09:33:02 +0100
Source: avahi
Architecture: source
Version: 0.8-7
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team 
<pkg-utopia-maintain...@lists.alioth.debian.org>
Changed-By: Michael Biebl <bi...@debian.org>
Closes: 984938
Changes:
 avahi (0.8-7) unstable; urgency=medium
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster
     * Build-Depends: Drop versioned constraint on intltool, libcap-dev,
       libdaemon-dev, libdbus-1-dev and libglib2.0-dev.
     * avahi-daemon: Drop versioned constraint on libnss-mdns in Recommends.
     * libavahi-client-dev: Drop versioned constraint on libdbus-1-dev in
       Depends.
     * libavahi-compat-libdnssd1: Drop versioned constraint on libnss-mdns in
       Recommends.
     * Remove 3 maintscript entries from 2 files.
     Changes-By: deb-scrub-obsolete
 .
   [ Michael Biebl ]
   * Fix encoding of avahi-common/domain.h to be valid UTF-8
   * Avoid infinite-loop in avahi-daemon by handling HUP event in client_work.
     Fixes a local DoS that could be triggered by writing long lines to
     /run/avahi-daemon/socket.
     (CVE-2021-3468, Closes: #984938)
   * Bump Standards-Version to 4.6.2
   * Update homepage URL in debian/{copyright,control} and use https
   * Remove obsolete migration code
   * Drop obsolete Conflicts against zeroconf from avahi-autoipd
   * Use execute_{after,before} instead of override where possible

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

--- End Message ---
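
The busy-loop from the report and the changelog's "handling HUP event in client_work" fix, as an added sketch that is not avahi's code: poll() reports POLLHUP even when no events are requested, so a handler that disabled input after its buffer filled and ignores hangups is woken forever. The names client_work_sketch, count_wakeups, BUF_SIZE and MAX_WAKEUPS are hypothetical, the 16-byte buffer is a constructed stand-in, and a socketpair stands in for the daemon socket.

```c
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

#define BUF_SIZE 16      /* constructed stand-in for the daemon's line buffer */
#define MAX_WAKEUPS 1000 /* cap so the demonstration terminates */

struct client { int fd; short events; size_t len; int closed; char buf[BUF_SIZE]; };

/* Hypothetical handler, modelled on the behaviour described in the report. */
static void client_work_sketch(struct client *c, short revents, int handle_hup) {
    if (handle_hup && (revents & (POLLHUP | POLLERR))) {
        close(c->fd);            /* peer is gone: drop the connection */
        c->closed = 1;
        return;
    }
    if (revents & POLLIN) {
        ssize_t n = read(c->fd, c->buf + c->len, BUF_SIZE - c->len);
        if (n > 0) c->len += (size_t)n;
        if (c->len == BUF_SIZE)  /* buffer full, no newline: stop watching input */
            c->events &= ~POLLIN;
    }
}

/* Returns how many times the event loop woke up for this one client. */
static int count_wakeups(int handle_hup) {
    int sv[2], wakeups = 0;
    char line[BUF_SIZE + 1];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    for (size_t i = 0; i < sizeof line; i++) line[i] = 'a';
    if (write(sv[1], line, sizeof line) != (ssize_t)sizeof line) return -1;
    close(sv[1]);                /* peer hangs up after the over-long line */

    struct client c = { .fd = sv[0], .events = POLLIN };
    while (!c.closed && wakeups < MAX_WAKEUPS) {
        struct pollfd p = { .fd = c.fd, .events = c.events };
        if (poll(&p, 1, 0) <= 0) break;   /* nothing pending: loop would sleep */
        wakeups++;
        client_work_sketch(&c, p.revents, handle_hup);
    }
    if (!c.closed) close(c.fd);
    return wakeups;
}

int main(void) {
    printf("HUP ignored: %d wakeups, HUP handled: %d wakeups\n",
           count_wakeups(0), count_wakeups(1));
    return 0;
}
```

With the hangup ignored the loop only stops at the cap, which in a real daemon means 100% CPU; with it handled the connection is dropped on the first wakeup.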