Debian Bug report logs -
#428293
file - CVE-2007-2799: incorrect patch for CVE-2007-1536
Reported by: Bastian Blank <waldi@debian.org>
Date: Sun, 10 Jun 2007 14:03:01 UTC
Severity: serious
Tags: security
Found in version file/4.17-5etch4
Fixed in version file/4.17-5etch4
Done: Daniel Baumann <daniel@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to Bastian Blank <waldi@debian.org>
:
New Bug report received and forwarded. Copy sent to Daniel Baumann <daniel@debian.org>
.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: file
Version: 4.21-1
Severity: serious
Tags: security
| Integer overflow in the "file" program 4.20, when running on 32-bit
| systems, might allow user-assisted attackers to execute arbitrary code
| via a large file that triggers an overflow that bypasses an assert()
| statement. NOTE: this issue is due to an incorrect patch for
| CVE-2007-1536.
Bastian
--
Each kiss is as the first.
-- Miramanee, Kirk's wife, "The Paradise Syndrome",
stardate 4842.6
[signature.asc (application/pgp-signature, inline)]
Information forwarded to debian-bugs-dist@lists.debian.org
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to Daniel Baumann <daniel@debian.org>
:
Extra info received and forwarded to list.
(full text, mbox, link).
Message #10 received at 428293@bugs.debian.org (full text, mbox, reply):
> Integer overflow in the "file" program 4.20, when running on 32-bit
> systems, might allow user-assisted attackers to execute arbitrary code
> via a large file that triggers an overflow that bypasses an assert()
> statement. NOTE: this issue is due to an incorrect patch for
> CVE-2007-1536.
As file 4.21 is not affected, only sarge and needs an update. Sending the proposed package to the security team now.
Regards,
Daniel
Information forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to Touko Korpela <tkorpela@phnet.fi>
:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel@debian.org>
.
(full text, mbox, link).
Message #15 received at 428293@bugs.debian.org (full text, mbox, reply):
Package: file
Version: 4.21-1
Followup-For: Bug #428293
Different issue, but here is information about DoS bug:
http://www.amavis.org/security/asa-2007-3.txt
-quote begin-
To check, if this issue has been properly fixed, please do
the following steps:
$ perl -e 'for (1..2700) {print "\n" x 10}' >0.lis
$ file 0.lis
The output
"0.lis: ASCII text"
must appear immediately, without creating a huge CPU load.
-quote end-
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (900, 'testing'), (900, 'stable'), (700, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-4-k7 (SMP w/1 CPU core)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages file depends on:
ii libc6 2.5-10 GNU C Library: Shared libraries
ii libmagic1 4.21-1 File type determination library us
file recommends no packages.
-- no debconf information
Information forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to daniel@debian.org
:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel@debian.org>
.
Your message did not contain a Subject field. They are recommended and
useful because the title of a Bug is determined using this field.
Please remember to include a Subject field in your messages in future.
(full text, mbox, link).
Message #20 received at 428293@bugs.debian.org (full text, mbox, reply):
tags 428293 +etch
thanks
> As file 4.21 is not affected, only sarge and needs an update. Sending
> the proposed package to the security team now.
s/sarge/etch/
--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: daniel.baumann@panthera-systems.net
Internet: http://people.panthera-systems.net/~daniel-baumann/
Tags added: etch
Request was from Daniel Baumann <daniel@debian.org>
to control@bugs.debian.org
.
(Tue, 12 Jun 2007 11:24:03 GMT) (full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to Touko Korpela <tkorpela@phnet.fi>
:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel@debian.org>
.
(full text, mbox, link).
Message #27 received at 428293@bugs.debian.org (full text, mbox, reply):
found 428293 4.17-5etch4
thanks
What's status of this bug?
DoS in 4.21-1 is still there too.
Bug marked as found in version 4.17-5etch4.
Request was from Touko Korpela <tkorpela@phnet.fi>
to control@bugs.debian.org
.
(Mon, 02 Jul 2007 13:00:03 GMT) (full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>
:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel@debian.org>
.
(full text, mbox, link).
Message #34 received at 428293@bugs.debian.org (full text, mbox, reply):
On Sun, Jun 10, 2007 at 03:11:10PM +0000, Daniel Baumann wrote:
> > Integer overflow in the "file" program 4.20, when running on 32-bit
> > systems, might allow user-assisted attackers to execute arbitrary code
> > via a large file that triggers an overflow that bypasses an assert()
> > statement. NOTE: this issue is due to an incorrect patch for
> > CVE-2007-1536.
>
> As file 4.21 is not affected, only sarge and needs an update. Sending the proposed package to the security team now.
This bug was filed against version 4.21-1 (which is in
testing/unstable), but it marked as only affecting etch.
I guess the 4.21-1 should be removed from the found version
list, and added to the fixed list? (And the etch tag can then
also be removed.)
Kurt
Information forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to kurt@roeckx.be (Kurt Roeckx)
:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel@debian.org>
.
(full text, mbox, link).
Message #39 received at 428293@bugs.debian.org (full text, mbox, reply):
# Automatically generated email from bts, devscripts version 2.9.6
# Someone mentioned that 4.21-1 has the problem too, so removing tag. Please fix the version information if it's wrong.
tags 428293 - etch
Tags removed: etch
Request was from kurt@roeckx.be (Kurt Roeckx)
to control@bugs.debian.org
.
(Sun, 22 Jul 2007 22:33:03 GMT) (full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Daniel Baumann <daniel@debian.org>
:
Bug#428293
; Package file
.
(full text, mbox, link).
Acknowledgement sent to Touko Korpela <tkorpela@phnet.fi>
:
Extra info received and forwarded to list. Copy sent to Daniel Baumann <daniel@debian.org>
.
(full text, mbox, link).
Message #46 received at 428293@bugs.debian.org (full text, mbox, reply):
Could security team look at this and make upload for stable (and perhaps
oldstable)?
DoS in unstable is still there too, but that's perhaps different issue.
Bug marked as not found in version 4.21-1.
Request was from Touko Korpela <tkorpela@phnet.fi>
to control@bugs.debian.org
.
(Tue, 31 Jul 2007 23:09:03 GMT) (full text, mbox, link).
Bug marked as fixed in version 4.17-5etch4.
Request was from Touko Korpela <tkorpela@phnet.fi>
to control@bugs.debian.org
.
(Wed, 01 Aug 2007 22:18:03 GMT) (full text, mbox, link).
Reply sent to daniel@debian.org
:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Bastian Blank <waldi@debian.org>
:
Bug acknowledged by developer.
(full text, mbox, link).
Message #55 received at 428293-done@bugs.debian.org (full text, mbox, reply):
This bug has been fixed everywhere, hence closing it.
--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: daniel.baumann@panthera-systems.net
Internet: http://people.panthera-systems.net/~daniel-baumann/
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Wed, 12 Sep 2007 07:31:18 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 15:32:30 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.