Debian Bug report logs -
#781806
das-watchdog: CVE-2015-2831: Buffer overflow in the handling of the XAUTHORITY env variable
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 3 Apr 2015 11:42:02 UTC
Severity: grave
Tags: fixed-upstream, patch, security, upstream
Found in version das-watchdog/0.9.0-2
Fixed in versions das-watchdog/0.9.0-3.1, das-watchdog/0.9.0-2+deb6u1, das-watchdog/0.9.0-2+deb7u1
Done: Salvatore Bonaccorso <carnil@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>:
Bug#781806; Package das-watchdog.
(Fri, 03 Apr 2015 11:42:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>.
(Fri, 03 Apr 2015 11:42:07 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: das-watchdog
Severity: grave
Tags: security
Hi,
this has been assigned CVE-2015-2831:
http://www.openwall.com/lists/oss-security/2015/04/01/8
Cheers,
Moritz
Changed Bug title to 'das-watchdog: CVE-2015-2831: Buffer overflow in the handling of the XAUTHORITY env variable' from 'CVE-2015-2831'
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 03 Apr 2015 12:03:14 GMT) (full text, mbox, link).
Marked as found in versions das-watchdog/0.9.0-2.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 03 Apr 2015 12:03:15 GMT) (full text, mbox, link).
Added tag(s) upstream and fixed-upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 03 Apr 2015 12:03:16 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>:
Bug#781806; Package das-watchdog.
(Fri, 10 Apr 2015 07:48:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>.
(Fri, 10 Apr 2015 07:48:05 GMT) (full text, mbox, link).
Message #16 received at 781806@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Control: tags -1 + patch
Hi
The issue is mitigated in jessie since das-watchdog is built hardened
in jessie. Attached is though the debdiff for unstable, plan to
double-check this and upload it later today to a delayed queue.
Regards,
Salvatore
[das-watchdog_0.9.0-3.1.debdiff (text/plain, attachment)]
Added tag(s) patch.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 781806-submit@bugs.debian.org.
(Fri, 10 Apr 2015 07:48:05 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>:
Bug#781806; Package das-watchdog.
(Fri, 10 Apr 2015 19:45:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Raphael Hertzog <hertzog@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>.
(Fri, 10 Apr 2015 19:45:05 GMT) (full text, mbox, link).
Message #23 received at 781806@bugs.debian.org (full text, mbox, reply):
Hello dear maintainer(s),
the Debian LTS team would like to fix the security issues which are
currently open in the Squeeze version of das-watchdog:
https://security-tracker.debian.org/tracker/CVE-2015-2831
Would you like to take care of this yourself? We are still understaffed so
any help is always highly appreciated.
If yes, please follow the workflow we have defined here:
http://wiki.debian.org/LTS/Development
If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a debdiff, or with an URL pointing to the the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.
If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.
Thank you very much.
Raphaël Hertzog,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>:
Bug#781806; Package das-watchdog.
(Fri, 10 Apr 2015 20:54:15 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>.
(Fri, 10 Apr 2015 20:54:15 GMT) (full text, mbox, link).
Message #28 received at 781806@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Control: tags 781806 + pending
Dear maintainer,
I've prepared an NMU for das-watchdog (versioned as 0.9.0-3.1) and
uploaded it due to the close Jessie release. Attached here is the used
debdiff for the upload.
Regards,
Salvatore
[das-watchdog-0.9.0-3.1-nmu.diff (text/x-diff, attachment)]
Added tag(s) pending.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 781806-submit@bugs.debian.org.
(Fri, 10 Apr 2015 20:54:15 GMT) (full text, mbox, link).
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Fri, 10 Apr 2015 21:39:09 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Fri, 10 Apr 2015 21:39:09 GMT) (full text, mbox, link).
Message #35 received at 781806-close@bugs.debian.org (full text, mbox, reply):
Source: das-watchdog
Source-Version: 0.9.0-3.1
We believe that the bug you reported is fixed in the latest version of
das-watchdog, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 781806@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated das-watchdog package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 10 Apr 2015 22:19:18 +0200
Source: das-watchdog
Binary: das-watchdog
Architecture: source
Version: 0.9.0-3.1
Distribution: unstable
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
das-watchdog - solves system lock-ups by making all processes non-realtime
Closes: 781806
Changes:
das-watchdog (0.9.0-3.1) unstable; urgency=high
.
* Non-maintainer upload.
* Fix buffer overflow in the handling of the XAUTHORITY env variable
(CVE-2015-2831) (Closes: #781806)
* Remove duplicate check for temp[i] == '\0' in das_watchdog.c
* Fix infinite loop on platforms where char is unsigned
Checksums-Sha1:
e554d109ee5bbaceed45b5ee7c4396733f4ee5b9 1951 das-watchdog_0.9.0-3.1.dsc
86c87eb0f1a6ab1c09fb9b417443a3a17321494d 5432 das-watchdog_0.9.0-3.1.debian.tar.xz
Checksums-Sha256:
e3b168e5f7b4322c6a3202177b4050e5c0876da4ff76490599a53d7db2eb874b 1951 das-watchdog_0.9.0-3.1.dsc
4fedea74607a483dfd914ffbbe6a24c818011732bfbcee96f230c31973238b7f 5432 das-watchdog_0.9.0-3.1.debian.tar.xz
Files:
8794bb032330d82dd5d3546ac3ebf52e 1951 admin extra das-watchdog_0.9.0-3.1.dsc
ce53f44db5d2a9ddbc864b9b9b2a403f 5432 admin extra das-watchdog_0.9.0-3.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVKDTxAAoJEAVMuPMTQ89EIrgQAI+FrhbJfJJmIV0ChNEiGr5R
GIbgTv/nscS30UPn8/jRpX5MrR3I+XXyZ3xaZNloFLTYO2XL5/OgC60ck4QC1qEJ
msO692ya+xXq2FHg+fkgYNKQ9WiaOz+UxDRYarHp2jtTiabKIdlABljnjzFJOIBx
OAogJxjEBxYIfHZczve7sMhzt8vSjYfL67BdtcJ+bx91ghd06o/UTNS2vsng0zls
dWXN5SDTadSoplzmSr+LM5hMBoZqSOF6TjhaVYsFpj5Z7Aa5MkCfKovm6xMUcv2b
UP1Xqc7bsjmaWTHmK2fjlEb6evREXdy0xmgfXa7cZrT9pN8Y20R2zgCxr7r+85KD
XNa9sabUKPHFFoSBj6BWprcl8BsKCy1K5Nb6u3erT9hVuu55eDMga+YCRQmrKOD8
l3fHZDY567MLPrHaB7l6mioyNgUylMVWjLw1fM6lVjzAPX8onJ4dQG2Xa1Y0Y3z7
FMOQimwDEUTsmPKqOTnwdfcVs1l8LAq38UI7CHl/devvIdmGHiZAG6SzUEBgd1Eu
qOAp7uJm5OfhbQFtAGywBVQjDQUxPi1gINtM9DP/MSmwQlKW34pH0Kvv8iyYaD6y
1DyYzOQM6piYsKhtbHOrlZL/H31w5RsGdl37byQLgjA0mh04QFR+XJbI0em+DMwg
+qyv6iBNMpfX9WaCvPZW
=OHah
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Sun, 12 Apr 2015 15:39:09 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Sun, 12 Apr 2015 15:39:09 GMT) (full text, mbox, link).
Message #40 received at 781806-close@bugs.debian.org (full text, mbox, reply):
Source: das-watchdog
Source-Version: 0.9.0-2+deb6u1
We believe that the bug you reported is fixed in the latest version of
das-watchdog, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 781806@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated das-watchdog package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 12 Apr 2015 16:33:12 +0200
Source: das-watchdog
Binary: das-watchdog
Architecture: source amd64
Version: 0.9.0-2+deb6u1
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
das-watchdog - solves system lock-ups by making all processes non-realtime
Closes: 781806
Changes:
das-watchdog (0.9.0-2+deb6u1) squeeze-lts; urgency=high
.
* Non-maintainer upload.
* Fix buffer overflow in the handling of the XAUTHORITY env variable
(CVE-2015-2831) (Closes: #781806)
* Remove duplicate check for temp[i] == '\0' in das_watchdog.c
* Fix infinite loop on platforms where char is unsigned
* Add fix-memory-leak-on-realloc.patch patch.
Fix potential memory leak on realloc and causing "NULL+i" (write)
dereference afterwards.
Thanks to Niels Thykier <niels@thykier.net>
Checksums-Sha1:
a3e96020ad9555c4896d141f822c568f3b58ce68 1948 das-watchdog_0.9.0-2+deb6u1.dsc
72f640d34d6908c7c861e12826b92beaa80e74e8 5121 das-watchdog_0.9.0-2+deb6u1.debian.tar.gz
fc423418f40801312950ae059557a458029f8bc5 15238 das-watchdog_0.9.0-2+deb6u1_amd64.deb
Checksums-Sha256:
8a962ff491b73add828cbccd2092cac48a4c3df79ede6a995083684c726e7207 1948 das-watchdog_0.9.0-2+deb6u1.dsc
6932c051a69ff12c291b7fe7674033875c1cc98fcd5b21f753cbc316929d6485 5121 das-watchdog_0.9.0-2+deb6u1.debian.tar.gz
273a613e4342b905b56e21c7bb8965baea43b269bba75900c4091f732e0584e2 15238 das-watchdog_0.9.0-2+deb6u1_amd64.deb
Files:
7874a78f0251762510ba3566135d8aaf 1948 admin extra das-watchdog_0.9.0-2+deb6u1.dsc
aa5a992913e268a5de3ebcc745f58840 5121 admin extra das-watchdog_0.9.0-2+deb6u1.debian.tar.gz
106afc9cb49b106cb37acf40b4e685fd 15238 admin extra das-watchdog_0.9.0-2+deb6u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVKoOLAAoJEAVMuPMTQ89EBvcP/1dz84xk0LbRuQpA66mChVPP
gWLnmnAaS7gTVKHqeOGCLCLk2Sr3AHtCtVetRttLISpRZB6L4Z/GM8EkOUQqRFty
+0jjbeoIO9IRK3RdMa5dDhOmr7bA/wp1k5Dy+wnW6F8aDoFkmb6AgO+zO1+7lJ3V
m3ONRHM+jEgeQ7tbNpz9UyxjQ46/rSIeN6r4COU91JSUGfcdfOJsTyAf2L2aZ1lv
x6Vi9hHTIsTy38tn6x6hQc6aKrxVwXSUtnMHHzFcBm70Ko8nabcSRYxtbv1b5zlC
v39tCF4h50OfbfT0z6wdlv37Opn4bkoUbEKlxVXm+NhNEWxUkXgBsZ8gu1ubROhG
GDUTg9oOYkkDk9PemFZ8dhUIlNJ/cEpIpDhDJ8eow1yPjudqCFItH6MWpYcLRn1g
M6kcQJgaLcK6+mv9PG9upZnJpvD/xCwHTvB1YOvCZ9y2Yy2/2T8ZfrrMNtW4rPrG
7XRMcXY0nPq8X7NIzrQDPthUn6gF0FeF6n/cUgimONjwDX4CPL2Bgm+EkDXsrxCo
yWeM/d5a2Ek4qWUE/BfjsmkpX1ffow7VRZpdcP5Hv8vA8PtEVFE91topgmiQncF/
zp6//51REaJkl1n4/6rzSgf5D4X0nzvu5yoXYxcxz+I4rBDGt/NH+KORuOtNnXa9
wwUMgn1SUFuyIZ6Q4AZ8
=TJsQ
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Wed, 15 Apr 2015 21:33:10 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Wed, 15 Apr 2015 21:33:10 GMT) (full text, mbox, link).
Message #45 received at 781806-close@bugs.debian.org (full text, mbox, reply):
Source: das-watchdog
Source-Version: 0.9.0-2+deb7u1
We believe that the bug you reported is fixed in the latest version of
das-watchdog, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 781806@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated das-watchdog package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 12 Apr 2015 11:02:08 +0200
Source: das-watchdog
Binary: das-watchdog
Architecture: source amd64
Version: 0.9.0-2+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
das-watchdog - solves system lock-ups by making all processes non-realtime
Closes: 781806
Changes:
das-watchdog (0.9.0-2+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix buffer overflow in the handling of the XAUTHORITY env variable
(CVE-2015-2831) (Closes: #781806)
* Remove duplicate check for temp[i] == '\0' in das_watchdog.c
* Fix infinite loop on platforms where char is unsigned
* Add fix-memory-leak-on-realloc.patch patch.
Fix potential memory leak on realloc and causing "NULL+i" (write)
dereference afterwards.
Thanks to Niels Thykier <niels@thykier.net>
Checksums-Sha1:
76e58c04ab59cf97a4ca4f375d2b0263561d88e9 1993 das-watchdog_0.9.0-2+deb7u1.dsc
3d4bb6f71963fe79144875340dd1864558b8a128 8796 das-watchdog_0.9.0.orig.tar.gz
1652a999aed6f3ca8a3c2e8baac283c80ed58e15 4965 das-watchdog_0.9.0-2+deb7u1.debian.tar.gz
c3662226695499f6e7abef8b5575829441455d82 15226 das-watchdog_0.9.0-2+deb7u1_amd64.deb
Checksums-Sha256:
9c90535f3b230608a916d8b2caf2d88cd3c7f828a1069e81bd0c6971b82abe78 1993 das-watchdog_0.9.0-2+deb7u1.dsc
118393ae83d47a6f6db91910593c17aa041bb51feee4519d00b90780f6093f18 8796 das-watchdog_0.9.0.orig.tar.gz
3c061d6ab42659135244f9b39101b14909d1e716e67e7546a6fe7403f27e7749 4965 das-watchdog_0.9.0-2+deb7u1.debian.tar.gz
99053c38f06de8b0139a47928c582f085a66d3f3123e76ed7313bb5123a7c26c 15226 das-watchdog_0.9.0-2+deb7u1_amd64.deb
Files:
ef2de85f7196ea1902983bc0716b81e5 1993 admin extra das-watchdog_0.9.0-2+deb7u1.dsc
1394e3457ca1599382fd821646c0e8e8 8796 admin extra das-watchdog_0.9.0.orig.tar.gz
9c884b5fa18c2bdf9d9132cb7340470b 4965 admin extra das-watchdog_0.9.0-2+deb7u1.debian.tar.gz
cfdcc5678434d9430ac0925b5e81bab6 15226 admin extra das-watchdog_0.9.0-2+deb7u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVKlGIAAoJEAVMuPMTQ89EzPMP/AjwF6fj1l7usNLuuIUVHxCB
Mi/h/mC0Ceo5OY22rukvDqKV6VpOmc6BStNhTmHPLEWOculTzJqzXep3yyxeC15J
pAHFMcbpXzs1Kc/KNj7sHO2mUWrlC+CvSqT6ydSDE5h9SoiI3I+iMsehdOc8UWoA
J0H+6o/44wNqBetTd+8Db5UhEMNJsa6kGLFq30Gx8d2jSKKeEXztkvkZyotFNmnr
zG/K7S8HqveheTtWKGmrxwDUnCZyI73FDkGpJPRduKdwwss++MzRi4XillMmcUeh
d2RtFj4eZQjXe8CljXUn7meKHTPKjxaSwgHJcUfKBBixoQsQhREecbX8Zuib869y
fPfeOvHGlETdshNKiGdH2Zgr+zkzrmSXdYqkn9tc81G9RSnZhvPGC7lo7rNKfArg
iGnX/ljArgYLNQqGHOOGSZk5eCICXkqbjDc6D6Hedgef5y5tOGJ6M6fNKxDCQdNu
TXB+7kAnMFoOK3ZfPaVdWZ6flR4z1O7z/LzHPBsxSD5GBQ14Lx9DYMjAxYSayT1F
Xeo82r4DixENFDXczKVA7sP/CHw/k0fenKK9zVGpn/1jkdNfClt7mE80/eCGfRZj
Jo19Am5nOLCMx2hvFkuspRRAgbIYwz/TBzIbl3dsTQ+4Buks8BER3nmoZw4gJpjJ
VyPpjzPzoSgR7qn3NNSk
=XNLt
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 24 May 2015 07:28:45 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:34:50 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon