Debian Bug report logs -
#566002
CVE-2010-0001: integer underflow
Reported by: Steffen Joeris <steffen.joeris@skolelinux.de>
Date: Wed, 20 Jan 2010 14:57:01 UTC
Severity: grave
Tags: patch, security
Found in version gzip/1.3.12-8
Fixed in version 1.3.12-9
Done: Nick Andrik <nick.andrik@gmail.com>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Bdale Garbee <bdale@gag.com>: Bug#566002; Package gzip. (Wed, 20 Jan 2010 14:57:04 GMT)
Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>: New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Bdale Garbee <bdale@gag.com>. (Wed, 20 Jan 2010 14:57:04 GMT)
Message #5 received at submit@bugs.debian.org:
Package: gzip
Version: 1.3.12-8
Severity: grave
Tags: security patch
Hi Bdale, Carl
Carl, I saw too late that you're a new co-maintainer so I only
forwarded the pre-notification to Bdale (who is probably busy at LCA).
The following CVE (Common Vulnerabilities & Exposures) id was
published for gzip and is still open for unstable/testing.
CVE-2010-0001[0] (from the DSA text):
Aki Helin discovered an integer underflow when decompressing files that
are compressed using the LZW algorithm. This could lead to the execution
of arbitrary code when trying to decompress a crafted LZW compressed
gzip archive.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
I am available for NMU/sponsoring in case you're still busy; just drop
me a line, please.
Cheers
Steffen
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
http://security-tracker.debian.org/tracker/CVE-2010-0001
patch:
--- gzip-1.3.12.orig/unlzw.c
+++ gzip-1.3.12/unlzw.c
@@ -248,7 +248,8 @@
int o;
resetbuf:
- e = insize-(o = (posbits>>3));
+ o = posbits >> 3;
+ e = o <= insize ? insize - o : 0;
for (i = 0 ; i < e ; ++i) {
inbuf[i] = inbuf[i+o];
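Review bot: the clamp in `e = o <= insize ? insize - o : 0;` stops the wrap but silently accepts the condition that caused it: `o > insize` means the bit cursor `posbits` has run past the valid bytes in `inbuf`, which only a malformed LZW stream produces, so consider reporting corrupt input at that point instead of continuing with `insize` reset to 0 and letting the decoder carry on from an empty buffer. Note also that `o` is an `int` (declared two lines above the hunk) while the original subtraction wrapped rather than going negative, so `insize` is unsigned and the new comparison is evaluated in unsigned arithmetic; that is correct as long as `posbits` is never negative, and a one-line comment stating that invariant next to `o = posbits >> 3;` would save the next reader from re-deriving it.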
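What the DSA text calls an integer underflow is the subtraction at the top of `resetbuf`: `insize - (posbits >> 3)` with the bit cursor already past the valid bytes. The following is an added example written for this page, not code from gzip or from anyone in this thread. It is a small model of the affected bookkeeping with the original arithmetic and the patched arithmetic side by side, so the effect of the wrap can be observed without a crafted archive. The `struct lzw_in` type, the `make_state`, `resetbuf_vulnerable`, `resetbuf_fixed` and `refill_offset_in_bounds` helpers, the 16-byte buffer size and the 8-byte input are all constructed for illustration; the model keeps `insize` unsigned and `o`/`e` as `int`, which mirrors gzip's declarations (the hunk above shows `int o;`).

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Toy input buffer; gzip's is far larger, this only has to show the arithmetic. */
#define INBUFSIZ 16

/* Hypothetical model of the unlzw.c input state (not gzip's real struct):
 * insize counts valid bytes in inbuf and is unsigned, as gzip's global is;
 * posbits is the bit offset of the next LZW code to read. */
struct lzw_in {
    unsigned char inbuf[INBUFSIZ];
    unsigned insize;
    long posbits;
};

/* Build a state from constructed input bytes and a bit cursor. */
static struct lzw_in make_state(const unsigned char *data, unsigned n, long posbits)
{
    struct lzw_in s;
    memset(&s, 0, sizeof s);
    memcpy(s.inbuf, data, n);
    s.insize = n;
    s.posbits = posbits;
    return s;
}

/* The gzip 1.3.12 arithmetic. When the cursor is past the valid bytes (o > insize)
 * the unsigned subtraction wraps, e ends up negative, the copy loop never runs and
 * insize is reset to a byte count close to UINT_MAX. Returns the new insize. */
static unsigned resetbuf_vulnerable(struct lzw_in *s)
{
    int i, e, o;
    e = s->insize - (o = (s->posbits >> 3));
    for (i = 0; i < e; ++i)
        s->inbuf[i] = s->inbuf[i + o];
    s->insize = e;     /* a negative e converts to a huge unsigned count */
    s->posbits = 0;
    return s->insize;
}

/* The patched arithmetic: take the byte offset first and clamp the remainder at 0. */
static unsigned resetbuf_fixed(struct lzw_in *s)
{
    int i, e, o;
    o = s->posbits >> 3;
    e = o <= s->insize ? s->insize - o : 0;
    for (i = 0; i < e; ++i)
        s->inbuf[i] = s->inbuf[i + o];
    s->insize = e;
    s->posbits = 0;
    return s->insize;
}

/* After resetbuf the decoder refills at inbuf + insize; that offset has to stay
 * inside the buffer, otherwise the next read lands on whatever follows inbuf. */
static int refill_offset_in_bounds(const struct lzw_in *s)
{
    return s->insize <= INBUFSIZ;
}

int main(void)
{
    /* Constructed input: 8 valid bytes, cursor 96 bits (12 bytes) in, i.e. past the end. */
    const unsigned char data[8] = {0x1f, 0x9d, 0x90, 0x01, 0x02, 0x03, 0x04, 0x05};
    struct lzw_in bad = make_state(data, 8, 96);
    struct lzw_in good = make_state(data, 8, 96);

    printf("vulnerable: insize=%u refill_in_bounds=%d\n",
           resetbuf_vulnerable(&bad), refill_offset_in_bounds(&bad));
    printf("fixed:      insize=%u refill_in_bounds=%d\n",
           resetbuf_fixed(&good), refill_offset_in_bounds(&good));
    return 0;
}
```

With the cursor 12 bytes into an 8-byte window the original code leaves `insize` at `UINT_MAX - 3`, so every later offset derived from it points outside `inbuf`; the patched code leaves it at 0 and the buffer stays addressable. A well-formed cursor (say 24 bits in) takes the same path through both versions and shifts the remaining 5 bytes to the front of the buffer.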
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#566002; Package gzip. (Wed, 20 Jan 2010 18:36:03 GMT)
Acknowledgement sent to Bdale Garbee <bdale@gag.com>: Extra info received and forwarded to list. (Wed, 20 Jan 2010 18:36:03 GMT)
Message #10 received at 566002@bugs.debian.org:
On Wed, 20 Jan 2010 15:52:57 +0100, Steffen Joeris <steffen.joeris@skolelinux.de> wrote:
> Carl, I saw too late that you're a new co-maintainer so I only
> forwarded the pre-notification to Bdale (who is probably busy at LCA).
Carl and I are both at LCA, I'm done with my talk now and he isn't yet, so
I'm on this and will make an upload shortly. Thanks!
Bdale
Reply sent to Nick Andrik <nick.andrik@gmail.com>: You have taken responsibility. (Sun, 24 Jan 2010 13:06:16 GMT)
Notification sent to Steffen Joeris <steffen.joeris@skolelinux.de>: Bug acknowledged by developer. (Sun, 24 Jan 2010 13:06:16 GMT)
Message #15 received at 566002-done@bugs.debian.org:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Version: 1.3.12-9
This bug was fixed in the package but the bug number was not mentioned
in the changelog.
- --
=Do-
N.AND
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAktcNxsACgkQrdZ2oYS0I7Iu/wCfeMSVZJUP0sCY8RXZWwMbtN8G
yT4AoMGPgaBKRrkcYk5gG9zOZoVRzsYf
=MhuY
-----END PGP SIGNATURE-----
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 22 Feb 2010 07:27:29 GMT)
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified: Wed Jun 19 17:52:00 2019; Machine Name: buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.