Bug#933742: marked as done (slirp4netns: CVE-2019-14378: heap buffer overflow during packet reassembly)
Your message dated Mon, 26 Aug 2019 19:17:09 + with message-id and subject line Bug#933742: fixed in slirp4netns 0.2.3-1 has caused the Debian Bug report #933742, regarding slirp4netns: CVE-2019-14378: heap buffer overflow during packet reassembly to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 933742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: qemu Version: 1:3.1+dfsg-8 Severity: grave Tags: security upstream Control: clone -1 -2 Control: reassign -2 src:slirp4netns 0.3.1-1 Control: retitle -2 slirp4netns: CVE-2019-14459: heap buffer overflow during packet reassembly Hi, The following vulnerability was published for qemu (respective the SLiRP networking implemenatation which is as well forked in slirp4netns). CVE-2019-14378[0]: | ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer | overflow via a large packet because it mishandles a case involving the | first fragment. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-14378 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378 [1] https://gitlab.freedesktop.org/slirp/libslirp/commit/126c04acbabd7ad32c2b018fe10dfac2a3bc1210 [2] https://www.openwall.com/lists/oss-security/2019/08/01/2 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: slirp4netns Source-Version: 0.2.3-1 We believe that the bug you reported is fixed in the latest version of slirp4netns, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 933...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Reinhard Tartler (supplier of updated slirp4netns package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 25 Aug 2019 08:46:53 -0400 Source: slirp4netns Architecture: source Version: 0.2.3-1 Distribution: buster Urgency: medium Maintainer: Reinhard Tartler Changed-By: Reinhard Tartler Closes: 933742 Changes: slirp4netns (0.2.3-1) buster; urgency=medium . * New upstream releases: - 0.2.2: check sscanf result when emulating ident, CVE-2019-9824 - 0.2.3: Fixes heap overflow in included libslirp, Closes: #933742, CVE-2019-14378 Checksums-Sha1: 459c12f439d0f2ba629d1ad5791ca49041931709 2087 slirp4netns_0.2.3-1.dsc befcd9e2f1b1fbf8b51ccac4b83536e22af12003 136459 slirp4netns_0.2.3.orig.tar.gz 370b1cf92bf21491038fc08f9d4fa3fcba432878 3968 slirp4netns_0.2.3-1.debian.tar.xz Checksums-Sha256: 083be07a86b98e20a93c40519eb1a353ae5048338956f3b6c48e7d62a31c13ba 2087 slirp4netns_0.2.3-1.dsc e7c4bc898f7e4672c66c9e2cdc472019b3c8080c3852b2b420e1db9ea34dd7b2 136459 slirp4netns_0.2.3.orig.tar.gz 953655fff5b087b4e487f5c39a7c9c2c6ed2efd8bdb63aad66c0b98cbe46b25f 3968 slirp4netns_0.2.3-1.debian.tar.xz Files: 64480c14b3e81933dcda755645ac895f 2087 misc optional slirp4netns_0.2.3-1.dsc 2085b7a90b214f5972206088e221c782 136459 misc optional slirp4netns_0.2.3.orig.tar.gz eb8ff529a427e9dfd2e103d0173eba11 3968 misc optional slirp4netns_0.2.3-1.debian.tar.xz -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEEMN59F2OrlFLH4IJQSadpd5QoJssFAl1ihMYUHHNpcmV0YXJ0 QHRhdXdhcmUuZGUACgkQSadpd5QoJssJag/8DB1ciA3vZITwy9qi0MYPsSeCV7CU Xp5jb/ki6JdQiiyz/UpJr9IQqRqCoPVJPJOhixLFwbtUBs1cXLatwuCrmSxBlTdc 9+6AzwBHkidQyH0oylKz7EZXxvUv7iKfZb803YLPI68cyTodmTngwdWFUVuRi4XS MuwteTkvINyDX+PuZ8JmCp/orvTUwivNgx7wKS/MZI4LNS+xg0qsZmXNlXlLVv58 on3gJeqT44U4PU3hyhz+FJ+oxMVL8vxh0eL3xILetESRutjKL6urX/qTvysBr3+J niALA48VcAnd62IE2UNrwvMHKPxF8yK60HY3MHsOu/5Wup5cyrSE2ofhym4AnWB8 AJn7IM7OwZ1uAYQSjB1yUQageqZJnbkpFo1Uxrs4JBNBAxOLOV318OC/SAR3wVP8 srkumJjwc/KWtNr7lBXFud+4H9M/lnf31JWbfLAg3KRUEsiIjJibjSTnjkMLjduA 1jmC9UvQ40Cvp42Hb9VBd+HkB/4m7P+ylm2mgYAl9Um90nFM3JveDPV786394JnA psHblMCyCKmme0qlD0OiTDpUG4VOeplMgyqhlQT1vyZ8RSk2kW2RrYaLCKgo3JVT 7GpgeP6cXNKOPwa7aRSNFLYsKxMN3/RMXOCjUSaSrH+0tTU45GLiJG2h+m3w3OgC 7ArtysF+cSp7+yc= =+rcF -END PGP SIGNATURE End Message ---
Bug#933742: marked as done (slirp4netns: CVE-2019-14378: heap buffer overflow during packet reassembly)
Your message dated Wed, 14 Aug 2019 11:49:41 + with message-id and subject line Bug#933742: fixed in slirp4netns 0.3.2-1 has caused the Debian Bug report #933742, regarding slirp4netns: CVE-2019-14378: heap buffer overflow during packet reassembly to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 933742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: qemu Version: 1:3.1+dfsg-8 Severity: grave Tags: security upstream Control: clone -1 -2 Control: reassign -2 src:slirp4netns 0.3.1-1 Control: retitle -2 slirp4netns: CVE-2019-14459: heap buffer overflow during packet reassembly Hi, The following vulnerability was published for qemu (respective the SLiRP networking implemenatation which is as well forked in slirp4netns). CVE-2019-14378[0]: | ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer | overflow via a large packet because it mishandles a case involving the | first fragment. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-14378 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378 [1] https://gitlab.freedesktop.org/slirp/libslirp/commit/126c04acbabd7ad32c2b018fe10dfac2a3bc1210 [2] https://www.openwall.com/lists/oss-security/2019/08/01/2 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: slirp4netns Source-Version: 0.3.2-1 We believe that the bug you reported is fixed in the latest version of slirp4netns, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 933...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Reinhard Tartler (supplier of updated slirp4netns package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 14 Aug 2019 07:33:02 -0400 Source: slirp4netns Architecture: source Version: 0.3.2-1 Distribution: unstable Urgency: medium Maintainer: Reinhard Tartler Changed-By: Reinhard Tartler Closes: 933742 Changes: slirp4netns (0.3.2-1) unstable; urgency=medium . * New Upstream release: - vendor freedresktop slirp (upstream pull/130) * Bug fix: "CVE-2019-14378: heap buffer overflow during packet reassembly", thanks to Salvatore Bonaccorso (Closes: #933742). Checksums-Sha1: a2fd209cf479798f64701045b9d269aec4d0e4dc 2103 slirp4netns_0.3.2-1.dsc 6083e7c6191031cf3b98216846bfafcd5702c847 162136 slirp4netns_0.3.2.orig.tar.gz 1d253cfeb4e1a49d3f9baae840ad79cf411928fa 4212 slirp4netns_0.3.2-1.debian.tar.xz Checksums-Sha256: ad9178cd37e68721722fd32aebea0872b2409d9c4297ea938b9071b295f0d0f6 2103 slirp4netns_0.3.2-1.dsc fe400337e857cee668a0c9161e2997af9c5c8cbaf4cbec12b32b458064eec380 162136 slirp4netns_0.3.2.orig.tar.gz 72a743708728a3e07bb6b90042d141caf5b4fb9e6ecdbdec08e1820bc6ab9448 4212 slirp4netns_0.3.2-1.debian.tar.xz Files: a3c8ebf282ae47bdbe97d4c068341223 2103 misc optional slirp4netns_0.3.2-1.dsc ed6d5c35ad4c1fa303728d27fec1abda 162136 misc optional slirp4netns_0.3.2.orig.tar.gz 4a2d6824524bcacae01fcfcf6f3a9930 4212 misc optional slirp4netns_0.3.2-1.debian.tar.xz -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEE6n5rckvJ+/LRcetya3IL6cXPbZ4FAl1T8hQUHHNpcmV0YXJ0 QHRhdXdhcmUuZGUACgkQa3IL6cXPbZ6dVBAA0Vl+FF827RFcO6PUKgF5nojOC2VZ Os2TGBJvKK6Ny4S9j6iK/MTTvP7PlZgIBg5d+UPUYvB7bNs2dv6l8QkPcmY3IiJ2 M/0Kkl4hi/G9pIeYoo/SXfohA9YQL8N8n6guUVNC+tJdTkbhSrDvQt1DRq1Mr1XN B24qTtFBk/D+Fhu0qfjsVYsMQL17L895S1tbc4CWC4+UN45Gdu5w2Ls2X94GrijL EK7xu/Gukc+nmgHaBGeHmLft6ife+nh00HJrNZ8/MQhx58kcRW8EEDi4q1WTanJk Z/MzNls92qgw2JHDfzVCfRjYKpbQlSfyKWBu3bEb8agAP9uWngI6YkPcCKudPaS5 UlVllLZn6SOLmrChKYoO2K08meh376Rsw06q5ZtzCpHaCDXfoGqWur5utUII3OBe q/MC/aYB1jvSJsk21Iy/a+26Vd45YEHpOVQU4AScOskTptnk+ZuvRWXiBkEQ1i8Q 1D335Utuw1WNFkLV+M4FYWoxCMODRsZC7bX3nd8FZq2t+VT64wYpelQtk97as5hW GdnCiVTuftYyXKzEhf/HrRxadX9dO24LO69drlr8nqQNXQzij+2Lhg+u/Sh0NG/H 1TdIZ/F+1cEmATl09RnHUbx1VLw0G8nzdIkfuCYJycxFFBVxuNJ6LcptNaHXqjtJ zu2YmubqC1TbdMs= =vEcO -END PGP SIGNATURE End