Your message dated Sat, 17 Sep 2016 13:08:06 +0100
with message-id <1474114086.2011.126.ca...@adam-barratt.org.uk>
and subject line Closing p-u bugs for updates in 8.6
has caused the Debian Bug report #830221,
regarding jessie-pu: package tcpreplay/3.4.4-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
830221: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830221
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian....@packages.debian.org
Usertags: pu

Hello release team,

There is a way to trigger a segfault in the tcprewrite program,
part of the tcpreplay package. This has been assigned
CVE-2016-6160, BTS#829350.

The security team has suggested fixing this in a point release; the
debdiff for 3.4.4-2+deb8u1 is attached.

For the record, I'm not the package maintainer, but the maintainer has
acknowledged this procedure.

Regards,

    Christoph

-- System Information:
Debian Release: 8.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.4.13 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
diff -Nru tcpreplay-3.4.4/debian/changelog tcpreplay-3.4.4/debian/changelog
--- tcpreplay-3.4.4/debian/changelog    2012-07-07 16:20:40.000000000 +0200
+++ tcpreplay-3.4.4/debian/changelog    2016-07-07 10:54:50.000000000 +0200
@@ -1,3 +1,10 @@
+tcpreplay (3.4.4-2+deb8u1) stable; urgency=low
+
+  * tcprewrite: Handle frames of 65535 octets size, add a
+    size check [CVE-2016-6160]. Closes: #829350 
+
+ -- Christoph Biedl <debian.a...@manchmal.in-ulm.de>  Thu, 07 Jul 2016 
10:53:56 +0200
+
 tcpreplay (3.4.4-2) unstable; urgency=low
 
   * debian/control fixed lintian error
diff -Nru tcpreplay-3.4.4/debian/patches/enforce-maxpacket.patch 
tcpreplay-3.4.4/debian/patches/enforce-maxpacket.patch
--- tcpreplay-3.4.4/debian/patches/enforce-maxpacket.patch      1970-01-01 
01:00:00.000000000 +0100
+++ tcpreplay-3.4.4/debian/patches/enforce-maxpacket.patch      2016-07-07 
10:54:41.000000000 +0200
@@ -0,0 +1,33 @@
+Subject: tcprewrite: Handle frames of 65535 octets size
+ID: CVE-2016-6160
+Author: Christoph Biedl <debian.a...@manchmal.in-ulm.de>
+Date: Mon Jun 29 17:08:24 2015 +0200
+Bug-Debian: https://bugs.debian.org/829350
+Last-Update: 2016-07-06
+
+diff --git a/src/defines.h.in b/src/defines.h.in
+index 3a1bf1e..5468d14 100644
+--- a/src/defines.h.in
++++ b/src/defines.h.in
+@@ -104,7 +104,7 @@ typedef struct tcpr_speed_s tcpr_speed_t;
+ #define DEFAULT_MTU 1500        /* Max Transmission Unit of standard ethernet
+                                  * don't forget *frames* are MTU + L2 header! 
*/
+ 
+-#define MAXPACKET 65535         /* was 16436 linux loopback, but maybe 
something is bigger then 
++#define MAXPACKET 65549         /* was 16436 linux loopback, but maybe 
something is bigger then 
+                                    linux loopback */
+ 
+ #define MAX_SNAPLEN 65535       /* tell libpcap to capture the entire packet 
*/
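Review bot: The new MAXPACKET value 65549 in src/defines.h.in is an unexplained magic number. It is 14 more than MAX_SNAPLEN (65535) two lines below, but the comment on the define still only says "was 16436 linux loopback" and gives no reason for the extra 14 octets. The DEFAULT_MTU comment just above already warns that frames are MTU plus L2 header, so if that is the reason, say so on this define, or write it as a sum of MAX_SNAPLEN and a named header-length constant so the two limits cannot drift apart when one of them is changed later.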
+diff --git a/src/tcprewrite.c b/src/tcprewrite.c
+index 90a6f2e..9c32a5e 100644
+--- a/src/tcprewrite.c
++++ b/src/tcprewrite.c
+@@ -253,6 +253,8 @@ rewrite_packets(tcpedit_t *tcpedit, pcap_t *pin, 
pcap_dumper_t *pout)
+         packetnum++;
+         dbgx(2, "packet " COUNTER_SPEC " caplen %d", packetnum, 
pkthdr.caplen);
+ 
++        if (pkthdr.caplen > MAXPACKET)
++            errx(-1, "Frame too big, caplen %d exceeds %d", pkthdr.caplen, 
MAXPACKET);
+         /* 
+          * copy over the packet so we can pad it out if necessary and
+          * because pcap_next() returns a const ptr
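Review bot: The new check in rewrite_packets() bounds only pkthdr.caplen, while the comment directly below it says the packet is copied "so we can pad it out if necessary", so the length after padding or rewriting can exceed the length tested here. Please confirm that the destination buffer has headroom beyond MAXPACKET for that growth, or repeat the bound check on the final length before writing. Two smaller points on the same lines: caplen is an unsigned 32-bit field in struct pcap_pkthdr, so the errx() format should use %u rather than %d (the existing dbgx() call has the same mismatch), and including packetnum in the message would tell the user which frame in the capture was rejected.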
diff -Nru tcpreplay-3.4.4/debian/patches/series 
tcpreplay-3.4.4/debian/patches/series
--- tcpreplay-3.4.4/debian/patches/series       2012-07-06 23:32:50.000000000 
+0200
+++ tcpreplay-3.4.4/debian/patches/series       2015-07-08 00:46:22.000000000 
+0200
@@ -1 +1,2 @@
 configure-pcap.patch
+enforce-maxpacket.patch



--- End Message ---
--- Begin Message ---
Version: 8.6

The updates referred to in each of these bugs were included in today's
stable point release.

Regards,

Adam

--- End Message ---
