Debian Bug report logs -
#881586
Konversation CVE-2017-15923
Reported by: Yves-Alexis Perez <corsac@debian.org>
Date: Mon, 13 Nov 2017 09:21:05 UTC
Severity: normal
Tags: fixed-upstream, upstream
Found in version konversation/1.5-2
Fixed in versions konversation/1.7.3-1, konversation/1.6.2-2+deb9u1, konversation/1.5-2+deb8u1
Done: Salvatore Bonaccorso <carnil@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>:
Bug#881586; Package konversation.
(Mon, 13 Nov 2017 09:21:08 GMT) (full text, mbox, link).
Acknowledgement sent
to Yves-Alexis Perez <corsac@debian.org>:
New Bug report received and forwarded. Copy sent to Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>.
(Mon, 13 Nov 2017 09:21:08 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: konversation
Tag: security
On Sun, 2017-11-12 at 17:01 -0500, Joseph Bisch wrote:
> Hi,
>
> See the November 11th security advisory for Konversation at:
>
> https://konversation.kde.org/
>
> Reproducer:
>
> echo $'privmsg \x16\x033\x8e3\x2eqt/\x03e\xe2\x16\n' | nc -l -p 6667
>
> and then connect to that with Konversation.
>
> May require ASan or other method of detecting the use after free.
Thanks for the report, I'm adding Pino in the loop but since it's a public
vulnerability you can directly report it to the BTS.
Pino, can you prepare an update for sid, stretch and jessie (with isolated
patches for stable releases)?
Regards,
--
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]
Marked as fixed in versions konversation/1.7.3-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 13 Nov 2017 10:03:06 GMT) (full text, mbox, link).
Marked as found in versions konversation/1.5-2.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 13 Nov 2017 10:03:08 GMT) (full text, mbox, link).
Added tag(s) fixed-upstream and upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 13 Nov 2017 10:09:05 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>:
Bug#881586; Package konversation.
(Mon, 13 Nov 2017 16:15:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>.
(Mon, 13 Nov 2017 16:15:03 GMT) (full text, mbox, link).
Message #16 received at 881586@bugs.debian.org (full text, mbox, reply):
Hi
On Mon, Nov 13, 2017 at 10:17:37AM +0100, Yves-Alexis Perez wrote:
> Package: konversation
> Tag: security
>
> On Sun, 2017-11-12 at 17:01 -0500, Joseph Bisch wrote:
> > Hi,
> >
> > See the November 11th security advisory for Konversation at:
> >
> > https://konversation.kde.org/
> >
> > Reproducer:
> >
> > echo $'privmsg \x16\x033\x8e3\x2eqt/\x03e\xe2\x16\n' | nc -l -p 6667
> >
> > and then connect to that with Konversation.
> >
> > May require ASan or other method of detecting the use after free.
>
> Thanks for the report, I'm adding Pino in the loop but since it's a public
> vulnerability you can directly report it to the BTS.
>
> Pino, can you prepare an update for sid, stretch and jessie (with isolated
> patches for stable releases)?
I have prepared both jessie- and stretch-security uploads, though at
the moment only stretch-security has been tested. Will come to the
jessie one later today.
Regards,
Salvatore
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Sat, 18 Nov 2017 21:06:29 GMT) (full text, mbox, link).
Notification sent
to Yves-Alexis Perez <corsac@debian.org>:
Bug acknowledged by developer.
(Sat, 18 Nov 2017 21:06:29 GMT) (full text, mbox, link).
Message #21 received at 881586-close@bugs.debian.org (full text, mbox, reply):
Source: konversation
Source-Version: 1.6.2-2+deb9u1
We believe that the bug you reported is fixed in the latest version of
konversation, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 881586@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated konversation package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 13 Nov 2017 16:06:25 +0100
Source: konversation
Binary: konversation konversation-data
Architecture: source
Version: 1.6.2-2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 881586
Description:
konversation - user friendly Internet Relay Chat (IRC) client for KDE
konversation-data - data files for Konversation
Changes:
konversation (1.6.2-2+deb9u1) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2017-15923: Crash in parsing IRC color formatting codes
(Closes: #881586)
Checksums-Sha1:
50a14c1dc3a1aa34fd45c639016a734bfbd28e70 3165 konversation_1.6.2-2+deb9u1.dsc
7a0143fa195d8fd3f646997e8eeff468f1ec5fdb 3876040 konversation_1.6.2.orig.tar.xz
04ba1422708eca5a4ef34e78b0a3e8822e7bc1e2 25396 konversation_1.6.2-2+deb9u1.debian.tar.xz
4d7f701f1aac8f44b1814fcd29485bc360ee93b9 5991 konversation_1.6.2-2+deb9u1_source.buildinfo
Checksums-Sha256:
a0af6b4305a02f8c0e716b6a9210e0fac8de276d73fdf91ec7d03f6b85fd4b4a 3165 konversation_1.6.2-2+deb9u1.dsc
b6521dc29ee4e2b2b6d736860d1edb381609ee182a13517680439dcfa9d6289d 3876040 konversation_1.6.2.orig.tar.xz
b5a587722af9ee8a9b74483a493cf35f9f93f892eae1304c6935b16dd909190e 25396 konversation_1.6.2-2+deb9u1.debian.tar.xz
6c6963a5ed328aba2ce7b271be57989acac8dbcc17c819e16f25981a3d42ecaf 5991 konversation_1.6.2-2+deb9u1_source.buildinfo
Files:
2f22fdfb6e937fbf56a5004ebb9d8872 3165 net optional konversation_1.6.2-2+deb9u1.dsc
b65e30362158fb68e80fa42734ca2558 3876040 net optional konversation_1.6.2.orig.tar.xz
ff203ac55422eb3d1bf8cd6cc4ca65f1 25396 net optional konversation_1.6.2-2+deb9u1.debian.tar.xz
b1cbc30d91360cd0f900dae37203ebe2 5991 net optional konversation_1.6.2-2+deb9u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAloJwBdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E0owP/04cOXA676i4Tumlm89NaUrCLbUFMb3/
XtbwulQFB1X5ou9mZkEtxIzRuIlZcRksvvhBCS6NOOm2p9J6YYphxN5W55sU9DBk
7VxjCl34J0WKgVhn0UOu/CmDi1C8GxvbcrA8GxeCfw4aCg6jeV+QKriqh/kn83H7
K7dGKZAlv85NPp78snbFGphldjSmQKOOKYv3/ic/ABnlo8BKalXhBrhkMOYqsb1+
fMtH+wNwCUc6pWopcMUI8Es+JmRMSYj7Ck96/rIRsznoz0PpVZXtvWibeYOG6v2u
3Cnj3EtnrS7lCaxK7AvaBXXzXu4iM22SvaFmL5+CQm2/jK0881w/W7GHpdNXjo+6
JNV+N3jkF4BVkEnVMRmBgq/iDPbP6V74taoiEDsuq+JdcE5+ja3l0U0Do75xh6H2
ZYS5VLAr5NycbBjiMn6UwfIYHIaOZxkp1VS0ORkdWXlAOZSjt3HLi+KPla0U1Jw/
RHdD4NKusRNi1idAPYkZ7dnL6zauU6xGNo0hd2hYyPKjwrsKsXCGwrzhENTDh02m
mYKLi5g9u13b1cU4RZ+x2X26tCuQxKrRHzAPThzNFI4T/5KJg4bCb994sgjMvL5l
vlaNRC9ecGizel1yhY2UyI+yWWzqZGz9e4TeGv96uDhFPSKlhiw+e4pyiaeG6Zt4
sfaUwoH0DIKy
=KaVn
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Sat, 18 Nov 2017 22:21:51 GMT) (full text, mbox, link).
Notification sent
to Yves-Alexis Perez <corsac@debian.org>:
Bug acknowledged by developer.
(Sat, 18 Nov 2017 22:21:51 GMT) (full text, mbox, link).
Message #26 received at 881586-close@bugs.debian.org (full text, mbox, reply):
Source: konversation
Source-Version: 1.5-2+deb8u1
We believe that the bug you reported is fixed in the latest version of
konversation, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 881586@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated konversation package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 13 Nov 2017 16:41:12 +0100
Source: konversation
Binary: konversation konversation-data konversation-dbg
Architecture: all source
Version: 1.5-2+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 881586
Description:
konversation - user friendly Internet Relay Chat (IRC) client for KDE
konversation-data - data files for Konversation
konversation-dbg - debugging symbols for Konversation
Changes:
konversation (1.5-2+deb8u1) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* CVE-2017-15923: Crash in parsing IRC color formatting codes
(Closes: #881586)
Checksums-Sha1:
957237658bfda48bc4818deab5617775642410a2 2436 konversation_1.5-2+deb8u1.dsc
3955a43758750b63d84299a9d9a5933b73e5492b 3169284 konversation_1.5.orig.tar.xz
8b90c9d2234f10776886d8ca0db9e600169b63fa 27108 konversation_1.5-2+deb8u1.debian.tar.xz
899a916d40a5ffeaf61bf14eef499084a76e10de 3039240 konversation-data_1.5-2+deb8u1_all.deb
Checksums-Sha256:
56f0811183870306868b6556ac85ae3b2a018025d6db43421139ed84f9cb67a5 2436 konversation_1.5-2+deb8u1.dsc
382de6217ec1e27c292ec33473a31b893863dc699c79669f5ef364152719546f 3169284 konversation_1.5.orig.tar.xz
3eaddfaa3f1b17e51f11b3492483b078c35ab9b09bc4fd40395777aef65097d8 27108 konversation_1.5-2+deb8u1.debian.tar.xz
ac9cfc7d36a41bcb37c1f2611d166a94ee5dee41469f8715e90a0da853420d7a 3039240 konversation-data_1.5-2+deb8u1_all.deb
Files:
f72a605cc04308614e3d87e84a143512 2436 net optional konversation_1.5-2+deb8u1.dsc
c65c97012854f334d87b3a8df32b38f1 3169284 net optional konversation_1.5.orig.tar.xz
708920c330e71c1837556bb9e73fe8ec 27108 net optional konversation_1.5-2+deb8u1.debian.tar.xz
a83b3f2407b7add39d68fcb122ddb29b 3039240 net optional konversation-data_1.5-2+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAloJwGxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EvuUP/iyy/LoewA7xCQ5KYhmV+c7S66qrxMW2
pEH9zveO5vxVk5zK/YQVw+B5kJojAjHMCpNVePR+7vz0Ie+czsgHdrtdrjkczrpP
0Us3Rirefw1ssrJ6vJQlzymUZzWE+daJYs6inVpUUIzPTNDMejcfhWX/7s8g75ww
RCxB9kFrGSiGdee9DcKG8hc7mihHZvCdlOCmDgD99+QT0bYO/dDFaba9Ssb+9Zte
VMS3v6wEwzZSkag6QZQgFaq7GEFq2acMWBKvq1i+O8nzjCr9/KHpf7okvpmsLzpq
zJQlbzvWE4SIcCkNfC0UMfYUWeOVzOQjewM2QV+6MWTGPxim3zhrnODJrucHoGKw
CLtl3ym610dauS6NrLN4KLERlLLVZiEofBStThNrYzVlv/ii7X1LsJmuLYHQVn53
LbmPr7TtBPtbRZpKbynT8AIF/ZUORar//wqz3Cn9Y2RbXl3hMwroYdg36kYUr0MB
hnGdBanq1BV1MjKghtC+4LP2Bhvik8zrUAcZxQtssuPaC+cMXw9oxf748HGPJOz2
SdGf6QRSHWzwC1xj7m8IMa4S+nW1Jo1qBKVSpEetjmc4On2zGc+4G3jzuBUScGas
agMzugzXWnF63EkmhL+ATv8zib7ly2aB8zET8ac6o0HAmd/1HrMMW8CHod/C1X6A
OK/kxlyzUqfM
=EYNL
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Thu, 15 Feb 2018 07:30:33 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 14:28:29 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon