Bug#939990: bird: CVE-2019-16159
Hi For Sid, we plan to release soon version 1.6.8 including bugfix for this bug. For Buster, i backported bugfix for this bug and two other important security-related bugfixes for 1.6.6, available in oz-deb Git branch: https://gitlab.labs.nic.cz/labs/bird/commits/oz-deb The fixes are: ba870cab310c151ae8827907c604900ff5cd4d11 - Fix this bug (CVE-2019-16159) 37f39789f483afd10bcfadca8b414e951ffb6d22 - Fix bug in privilege revocation causing BIRD in some cases run with more privileges than necessary 2545b91b8b96151b415c4d22b3c4ab3835752540 - Fix bug allowing easily triggerable crash from CLI -- Ondrej 'Santiago' Zajicek (email: santi...@crfreenet.org) signature.asc Description: PGP signature
Bug#939990: bird: CVE-2019-16159
Source: bird Version: 1.6.7-1 Severity: grave Tags: security upstream Forwarded: http://trubka.network.cz/pipermail/bird-users/2019-September/013718.html Control: found -1 1.6.6-1 Hi, The following vulnerability was published for bird. CVE-2019-16159[0]: | BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 | has a stack-based buffer overflow. The BGP daemon's support for RFC | 8203 administrative shutdown communication messages included an | incorrect logical expression when checking the validity of an input | message. Sending a shutdown communication with a sufficient message | length causes a four-byte overflow to occur while processing the | message, where two of the overflow bytes are attacker-controlled and | two are fixed. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-16159 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16159 [1] http://trubka.network.cz/pipermail/bird-users/2019-September/013722.html [2] http://trubka.network.cz/pipermail/bird-users/2019-September/013720.html [3] http://trubka.network.cz/pipermail/bird-users/2019-September/013718.html Please adjust the affected versions in the BTS as needed. Regards, Salvatore