Your message dated Tue, 06 Jul 2010 22:17:14 +0000
with message-id <[email protected]>
and subject line Bug#587700: fixed in python-cjson 1.0.5-3
has caused the Debian Bug report #587700,
regarding python-cjson: CVE-2010-1666: buffer overflow
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
587700: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587700
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: python-cjson
Severity: grave
Tags: security

Hi,

The following CVE (Common Vulnerabilities & Exposures) id was published for 
python-cjson.

Quoting the original bug report[1]:
> There is a buffer overrun in cjson 1.0.5, on UCS4 builds. The string length
> is only resized for wide unicode characters if there is less than 12 bytes
> of space left. Padding with narrow-but-escaped characters prevents string
> resizing.
> 
> The following line exhibits the overrun (it *may* segfault or display
> garbage, etc):
> >>> cjson.encode(u'\U0001D11E\U0001D11E\U0001D11E\U0001D11E\u1234\u1234\u1234\u1234\u1234\u1234')
> 
> (u'\U0001D11E\u1234' also breaks, but sometimes goes undetected.)

This issue has been assigned CVE-2010-1666.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
If possible, please provide packages for stable (to be released via the 
security archive.)

For further information see:
[1]https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net



--- End Message ---
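The bug report above describes the flaw as a buffer-growth check that only runs for wide (non-BMP) characters and only when fewer than 12 bytes remain, so narrow-but-escaped characters can fill the buffer without ever triggering a resize. The following is an added Python model of that reservation logic; it is not cjson's C code, Matt Giuca's patch, or anything from the Debian package. It assumes a JSON encoder that emits BMP non-ASCII as a 6-byte "\uXXXX" escape and non-BMP characters as a 12-byte surrogate-pair escape, an initial capacity of 6 bytes per input character plus two quote bytes, and a grow step of 100 bytes; those figures are modelling choices, not values taken from cjson. The buffer raises ModelOverflow where the real C code would write out of bounds, so the flawed and corrected growth checks can be compared on the report's own input without any memory corruption.

```python
"""Added model of the CVE-2010-1666 buffer-growth bug; not cjson's own code."""


class ModelOverflow(Exception):
    """Raised where the real C encoder would write past the end of its buffer."""


class BoundedBuffer:
    """Fixed-capacity byte sink that detects, rather than performs, an overrun."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.data = bytearray()

    def remaining(self):
        return self.capacity - len(self.data)

    def grow(self, extra):
        self.capacity += extra

    def write(self, chunk):
        if len(chunk) > self.remaining():
            raise ModelOverflow(
                "write of %d bytes with %d left" % (len(chunk), self.remaining()))
        self.data += chunk


def escape(ch):
    """JSON escape for one code point, as bytes (assumed escape forms)."""
    cp = ord(ch)
    if ch in ('"', '\\'):
        return b"\\" + ch.encode("ascii")          # 2 bytes
    if 0x20 <= cp < 0x80:
        return ch.encode("ascii")                  # 1 byte, passed through
    if cp < 0x10000:
        return b"\\u%04x" % cp                     # 6 bytes: narrow escape
    cp -= 0x10000                                  # 12 bytes: surrogate pair
    return b"\\u%04x\\u%04x" % (0xD800 | (cp >> 10), 0xDC00 | (cp & 0x3FF))


GROW_STEP = 100          # modelling assumption, not cjson's figure
WIDE_RESERVE = 12        # the fixed reserve the report says is checked


def initial_capacity(text):
    # Assumption: sized for one 6-byte narrow escape per character plus quotes.
    return 6 * len(text) + 2


def encode_flawed(text):
    """Growth check only for wide characters, and only against a fixed 12 bytes."""
    buf = BoundedBuffer(initial_capacity(text))
    buf.write(b'"')
    for ch in text:
        if ord(ch) >= 0x10000 and buf.remaining() < WIDE_RESERVE:
            buf.grow(GROW_STEP)
        buf.write(escape(ch))      # narrow escapes never trigger a resize
    buf.write(b'"')
    return bytes(buf.data)


def encode_fixed(text):
    """Every write first reserves the room it actually needs."""
    buf = BoundedBuffer(initial_capacity(text))

    def ensure(n):
        if buf.remaining() < n:
            buf.grow(max(GROW_STEP, n))

    buf.write(b'"')
    for ch in text:
        esc = escape(ch)
        ensure(len(esc))
        buf.write(esc)
    ensure(1)
    buf.write(b'"')
    return bytes(buf.data)


def overflows(encoder, text):
    """True if the encoder would have written past its buffer on this input."""
    try:
        encoder(text)
    except ModelOverflow:
        return True
    return False


# The triggering string quoted in the bug report: four wide characters
# followed by six narrow-but-escaped ones.
TRIGGER = "\U0001D11E" * 4 + "\u1234" * 6

if __name__ == "__main__":
    print("flawed overflows:", overflows(encode_flawed, TRIGGER))
    print("fixed overflows:", overflows(encode_fixed, TRIGGER))
    print(encode_fixed(TRIGGER).decode("ascii"))
```

In the model, the four wide characters each pass the "fewer than 12 left" check with room to spare and consume 48 of the 62 bytes, after which the six narrow escapes (36 bytes) are written with no check at all; the third one runs past the end. The corrected encoder reserves per write, so the same input simply grows the buffer. The lesson for reviewing an encoder is that a growth check must cover every code path that appends, not only the one that appends the largest unit.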
--- Begin Message ---
Source: python-cjson
Source-Version: 1.0.5-3

We believe that the bug you reported is fixed in the latest version of
python-cjson, which is due to be installed in the Debian FTP archive:

python-cjson-dbg_1.0.5-3_amd64.deb
  to main/p/python-cjson/python-cjson-dbg_1.0.5-3_amd64.deb
python-cjson_1.0.5-3.debian.tar.gz
  to main/p/python-cjson/python-cjson_1.0.5-3.debian.tar.gz
python-cjson_1.0.5-3.dsc
  to main/p/python-cjson/python-cjson_1.0.5-3.dsc
python-cjson_1.0.5-3_amd64.deb
  to main/p/python-cjson/python-cjson_1.0.5-3_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Debian Python Modules Team <[email protected]> 
(supplier of updated python-cjson package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 06 Jul 2010 23:22:56 +0200
Source: python-cjson
Binary: python-cjson python-cjson-dbg
Architecture: source amd64
Version: 1.0.5-3
Distribution: unstable
Urgency: high
Maintainer: Debian Python Modules Team <[email protected]>
Changed-By: Debian Python Modules Team <[email protected]>
Description: 
 python-cjson - Very fast JSON encoder/decoder for Python
 python-cjson-dbg - Very fast JSON encoder/decoder for Python (debug extension)
Closes: 587700
Changes: 
 python-cjson (1.0.5-3) unstable; urgency=high
 .
   [ Christian Kastner ]
   * debian/source/format
     - Convert to format 3.0 (quilt)
   * debian/patches:
     - New patch 0001-fix-for-CVE-2010-1666
       Matt Giuca discovered a buffer overflow when encoding wide unicode
       characters on UCS4 builds. This fix was taken from Ubuntu LP #585274,
       which he provided.
       Closes: #587700, Fixes: CVE-2010-1666
Checksums-Sha1: 
 376e493e77206ceac155d4391b4fc65c03c5d4e8 1433 python-cjson_1.0.5-3.dsc
 2a5c27c87defb87d57bdf9e9932845c32939e5b5 4491 python-cjson_1.0.5-3.debian.tar.gz
 55b1a38e821bf0d6910cd572c41d3f92246f70ee 16156 python-cjson_1.0.5-3_amd64.deb
 57cdda8055434b024cbab65f743d65d217db009a 67778 python-cjson-dbg_1.0.5-3_amd64.deb
Checksums-Sha256: 
 99a4fa06a5f278c0c6750ee36901096257a2cd4b59f5983260bdb2373c043662 1433 python-cjson_1.0.5-3.dsc
 8dc793f907a30950e22b84bddba008e73bdcc5c8325aeec428f7e20114fb36ba 4491 python-cjson_1.0.5-3.debian.tar.gz
 dc0a3195b615d1add749d8ecd904c44b3873a77ad90b63f9948437dba0db589a 16156 python-cjson_1.0.5-3_amd64.deb
 2ac9dfb8a0ce3468d3a18a73ed2c3974fe3f1db6f0eace506c93614858a442fa 67778 python-cjson-dbg_1.0.5-3_amd64.deb
Files: 
 4518e7a57fcf573baa928e1a8b6edea0 1433 python optional python-cjson_1.0.5-3.dsc
 5978dca231e03afd1cb11caf5c2dbf0c 4491 python optional python-cjson_1.0.5-3.debian.tar.gz
 19cada10558e48983621ab09d0598123 16156 python optional python-cjson_1.0.5-3_amd64.deb
 36083fb2e578f5538e3b6e0eea17105c 67778 debug extra python-cjson-dbg_1.0.5-3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwzqWkACgkQBnqtBMk7/3n4HQCgnu5gbAzG3286+GBqrHTNXODe
UCQAn1iuYg5awUdLf6+r32+NtgpaWBZf
=9Rgg
-----END PGP SIGNATURE-----



--- End Message ---
_______________________________________________
Python-modules-team mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/python-modules-team