radare2: CVE-2017-6448

Related Vulnerabilities: CVE-2017-6448, CVE-2017-6194

Debian Bug report logs - #859447
radare2: CVE-2017-6448

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Mon, 3 Apr 2017 16:12:02 UTC

Severity: important

Tags: fixed-upstream, patch, security, upstream

Found in versions radare2/1.1.0+dfsg-3, radare2/1.1.0+dfsg-1

Fixed in versions radare2/1.3.0+dfsg-1, radare2/1.1.0+dfsg-4

Done: Sebastian Reichel <sre@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://github.com/radare/radare2/issues/6885


Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Sebastian Reichel <sre@debian.org>:
Bug#859447; Package src:radare2. (Mon, 03 Apr 2017 16:12:07 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Sebastian Reichel <sre@debian.org>. (Mon, 03 Apr 2017 16:12:07 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: radare2: CVE-2017-6448
Date: Mon, 03 Apr 2017 18:08:40 +0200
Source: radare2
Version: 1.1.0+dfsg-3
Severity: important
Tags: security patch upstream
Forwarded: https://github.com/radare/radare2/issues/6885

Hi,

the following vulnerability was published for radare2.

CVE-2017-6448[0]:
| The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2
| 1.2.1 allows remote attackers to cause a denial of service (stack-based
| buffer overflow and application crash) or possibly have unspecified
| other impact via a crafted DEX file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6448
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6448
[1] https://github.com/radare/radare2/issues/6885
[2] https://github.com/radare/radare2/commit/f41e941341e44aa86edd4483c4487ec09a074257

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)



Marked as fixed in versions radare2/1.3.0+dfsg-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Mon, 03 Apr 2017 16:18:06 GMT)


Marked as found in versions radare2/1.1.0+dfsg-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Mon, 03 Apr 2017 16:18:07 GMT)


Added tag(s) fixed-upstream. Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Mon, 10 Apr 2017 17:33:15 GMT)


Reply sent to Sebastian Reichel <sre@debian.org>:
You have taken responsibility. (Tue, 11 Apr 2017 14:51:08 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Tue, 11 Apr 2017 14:51:08 GMT)


Message #16 received at 859447-close@bugs.debian.org:

From: Sebastian Reichel <sre@debian.org>
To: 859447-close@bugs.debian.org
Subject: Bug#859447: fixed in radare2 1.1.0+dfsg-4
Date: Tue, 11 Apr 2017 14:49:34 +0000
Source: radare2
Source-Version: 1.1.0+dfsg-4

We believe that the bug you reported is fixed in the latest version of
radare2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 859447@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Reichel <sre@debian.org> (supplier of updated radare2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Tue, 11 Apr 2017 15:34:39 +0200
Source: radare2
Binary: radare2 libradare2-1.1 libradare2-dev libradare2-common
Architecture: source amd64 all
Version: 1.1.0+dfsg-4
Distribution: unstable
Urgency: high
Maintainer: Sebastian Reichel <sre@debian.org>
Changed-By: Sebastian Reichel <sre@debian.org>
Description:
 libradare2-1.1 - libraries from the radare2 suite
 libradare2-common - arch independent files from the radare2 suite
 libradare2-dev - devel files from the radare2 suite
 radare2    - free and advanced command line hexadecimal editor
Closes: 859447 859448
Changes:
 radare2 (1.1.0+dfsg-4) unstable; urgency=high
 .
   * Add upstream patches to fix security bugs
     - CVE-2017-6194 (Closes: #859448)
       The relocs function in libr/bin/p/bin_bflt.c allows remote
       attackers to cause a denial of service (heap-based buffer
       overflow and application crash) or possibly have unspecified
       other impact via a crafted binary file.
     - CVE-2017-6448 (Closes: #859447)
       The dalvik_disassemble function in libr/asm/p/asm_dalvik.c allows
       remote attackers to cause a denial of service (stack-based buffer
       overflow and application crash) or possibly have unspecified other
       impact via a crafted DEX file.




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 24 May 2017 07:26:34 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:43:53 2019; Machine Name: beach
