radare2: CVE-2017-9520

Related Vulnerabilities: CVE-2017-9520   CVE-2017-9949   CVE-2017-10929  

Debian Bug report logs - #864533

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sat, 10 Jun 2017 04:18:01 UTC

Severity: important

Tags: fixed-upstream, patch, security, upstream

Found in version radare2/1.1.0+dfsg-5

Fixed in version radare2/1.6.0+dfsg-1

Done: Sebastian Reichel <sre@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://github.com/radare/radare2/issues/7698



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Sebastian Reichel <sre@debian.org>:
Bug#864533; Package src:radare2. (Sat, 10 Jun 2017 04:18:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Sebastian Reichel <sre@debian.org>. (Sat, 10 Jun 2017 04:18:03 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: radare2: CVE-2017-9520
Date: Sat, 10 Jun 2017 06:15:48 +0200
Source: radare2
Version: 1.1.0+dfsg-5
Severity: important
Tags: security upstream patch
Forwarded: https://github.com/radare/radare2/issues/7698

Hi,

the following vulnerability was published for radare2.

CVE-2017-9520[0]:
| The r_config_set function in libr/config/config.c in radare2 1.5.0
| allows remote attackers to cause a denial of service (use-after-free
| and application crash) via a crafted DEX file.

From trying to follow the code it looks present in 1.1.0 as well, but
please confirm if I'm wrong.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9520
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9520
[1] https://github.com/radare/radare2/issues/7698
[2] https://github.com/radare/radare2/commit/f85bc674b2a2256a364fe796351bc1971e106005

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Added tag(s) fixed-upstream. Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Thu, 15 Jun 2017 17:33:13 GMT)


Reply sent to Sebastian Reichel <sre@debian.org>:
You have taken responsibility. (Wed, 16 Aug 2017 18:03:05 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Wed, 16 Aug 2017 18:03:05 GMT)


Message #12 received at 864533-close@bugs.debian.org:

From: Sebastian Reichel <sre@debian.org>
To: 864533-close@bugs.debian.org
Subject: Bug#864533: fixed in radare2 1.6.0+dfsg-1
Date: Wed, 16 Aug 2017 18:01:09 +0000
Source: radare2
Source-Version: 1.6.0+dfsg-1

We believe that the bug you reported is fixed in the latest version of
radare2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 864533@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Reichel <sre@debian.org> (supplier of updated radare2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 13 Jul 2017 00:05:39 +0200
Source: radare2
Binary: radare2 libradare2-1.6 libradare2-dev libradare2-common
Architecture: source amd64 all
Version: 1.6.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Sebastian Reichel <sre@debian.org>
Changed-By: Sebastian Reichel <sre@debian.org>
Description:
 libradare2-1.6 - libraries from the radare2 suite
 libradare2-common - arch independent files from the radare2 suite
 libradare2-dev - devel files from the radare2 suite
 radare2    - free and advanced command line hexadecimal editor
Closes: 864533 866068 867369
Changes:
 radare2 (1.6.0+dfsg-1) unstable; urgency=medium
 .
   * New upstream release
    - Fix for CVE-2017-9520 (Closes: #864533)
      The r_config_set function in libr/config/config.c in radare2 1.5.0
      allows remote attackers to cause a denial of service (use-after-free
      and application crash) via a crafted DEX file.
    - Fix for CVE-2017-9949 (Closes: #866068)
      The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0
      allows remote attackers to cause a denial of service (stack-based
      buffer underflow and application crash) or possibly have unspecified
      other impact via a crafted binary file, possibly related to a buffer
      underflow in fs/ext2.c in GNU GRUB 2.02.
    - Fix for CVE-2017-10929 (Closes: #867369)
      The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0
      allows remote attackers to cause a denial of service (heap-based buffer
      overflow and application crash) or possibly have unspecified other
      impact via a crafted binary file, possibly related to a read overflow
      in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB
      2.02.
   * Switch to Debian Standard Version 4.0.0

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 14 Sep 2017 07:26:10 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:38:35 2019; Machine Name: buxtehude
