Bug#342696: CVE-2005-4077: off-by-one errors in libcurl

2005-12-10 Thread Domenico Andreoli
notfound 342696 7.9.5-1
notfound 342696 7.15.1-1
tags 342696 - woody sid
thanks

joey,

On Fri, Dec 09, 2005 at 04:07:02PM +0100, Martin Schulze wrote:
 
> http://www.hardened-php.net/advisory_242005.109.html
>
> Stefan Esser discovered several off-by-one errors in libcurl, a
> multi-protocol file transfer library, that allows local users to
> trigger a buffer overflow and cause a denial of service or bypass PHP
> security restrictions via certain URLs.

this is a duplicate of #342339.

current sid version, 7.15.1-1 is already fixed. current woody version,
7.9.5-1 is not affected either.

etch and sarge are left. for what regards sarge, i already prepared a
security fix and sent a mail to the security team, you can read it in
the log of #342339.

curl 7.13.2-2sarge4 is available at http://people.debian.org/~cavok/curl/,
please give it a glance.

regards
domenico

-[ Domenico Andreoli, aka cavok
 --[ http://people.debian.org/~cavok/gpgkey.asc
   ---[ 3A0F 2F80 F79C 678A 8936  4FEE 0677 9033 A20E BC50


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]



Bug#342696: CVE-2005-4077: off-by-one errors in libcurl

2005-12-10 Thread Martin Schulze
Domenico Andreoli wrote:
> > http://www.hardened-php.net/advisory_242005.109.html
> >
> > Stefan Esser discovered several off-by-one errors in libcurl, a
> > multi-protocol file transfer library, that allows local users to
> > trigger a buffer overflow and cause a denial of service or bypass PHP
> > security restrictions via certain URLs.
>
> this is a duplicate of #342339.

Umh... I didn't see that bug.

> current sid version, 7.15.1-1 is already fixed. current woody version,
> 7.9.5-1 is not affected either.

Are you sure?  Even though the code is quite different, the buffer
extension part of the patch also applied to the woody package.

> etch and sarge are left. for what regards sarge, i already prepared a
> security fix and sent a mail to the security team, you can read it in
> the log of #342339.

Oh, haven't seen it.  Will check.

> curl 7.13.2-2sarge4 is available at http://people.debian.org/~cavok/curl/,
> please give it a glance.

Done.  Will prepare a new upload.

It seems we have never talked about CVE-2005-3185 before.  And even worse,
when I checked I didn't find the offending file in the archive.

Thanks,

Joey

-- 
The only stupid question is the unasked one.

Please always Cc to me when replying to me on the lists.





Bug#342696: CVE-2005-4077: off-by-one errors in libcurl

2005-12-10 Thread Daniel Stenberg

On Sat, 10 Dec 2005, Martin Schulze wrote:


> > 7.9.5-1 is not affected either.
>
> Are you sure?  Even though the code is quite different, the buffer extension
> part of the patch also applied to the woody package.


Since 7.9.5 is way older than the particular code that this problem concerns, 
it just _can't_ be vulnerable to this. It might be vulnerable to similar 
things, but not exactly this.


> It seems we have never talked about CVE-2005-3185 before.  And even worse,
> when I checked I didn't find the offending file in the archive.


I'm not sure what that means, but Domenico got informed about CVE-2005-3185 
within hours after I did, and his curl 7.15.0-1 release mentions it and the 
closing of the corresponding debian bug report: #333734


--
 -=- Daniel Stenberg -=- http://daniel.haxx.se -=-
  ech`echo xiun|tr nu oc|sed 'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol





Bug#342696: CVE-2005-4077: off-by-one errors in libcurl

2005-12-09 Thread Martin Schulze
Package: curl
Severity: important
Tags: security woody sarge etch sid
Found: 7.9.5-1
found: 7.13.2-2
found: 7.15.1-1

http://www.hardened-php.net/advisory_242005.109.html

Stefan Esser discovered several off-by-one errors in libcurl, a
multi-protocol file transfer library, that allows local users to
trigger a buffer overflow and cause a denial of service or bypass PHP
security restrictions via certain URLs.

Regards,

Joey

-- 
Have you ever noticed that General Public Licence contains the word Pub?

Please always Cc to me when replying to me on the lists.

