Debian Bug report logs -
#343560
-icshost buffer overflow
Reported by: Joey Hess <joeyh@debian.org>
Date: Fri, 16 Dec 2005 03:33:02 UTC
Severity: normal
Found in version xboard/4.2.7-2
Fixed in version xboard/4.2.7-3
Done: Florian Ernst <florian@debian.org>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Florian Ernst <florian@debian.org>: Bug#343560; Package xboard.
Acknowledgement sent to Joey Hess <joeyh@debian.org>: New Bug report received and forwarded. Copy sent to Florian Ernst <florian@debian.org>.
Message #5 received at submit@bugs.debian.org:
Package: xboard
Version: 4.2.7-2
Severity: normal
Long -icshost parameters can crash xboard:
joey@dragon:~/tmp>xboard -ics -icshost $(perl -e 'print "a" x 1000')
zsh: segmentation fault xboard -ics -icshost $(perl -e 'print "a" x 1000')
This bug is tracked as a security hole in CVE-2004-2552
(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2552), but
I'm not tagging the bug as a security hole since there is no known
attack vector as xboard is not suid and is not normally called by programs
with a different set of permissions.
So I filed this bug just for completeness; there's no reason not to fix
the buffer overflow anyway.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages xboard depends on:
ii libc6 2.3.5-8.1 GNU C Library: Shared libraries an
ii libice6 6.8.2.dfsg.1-11 Inter-Client Exchange library
ii libsm6 6.8.2.dfsg.1-11 X Window System Session Management
ii libx11-6 6.8.2.dfsg.1-11 X Window System protocol client li
ii libxext6 6.8.2.dfsg.1-11 X Window System miscellaneous exte
ii libxmu6 6.8.2.dfsg.1-11 X Window System miscellaneous util
ii libxpm4 6.8.2.dfsg.1-11 X pixmap library
ii libxt6 6.8.2.dfsg.1-11 X Toolkit Intrinsics
ii xaw3dg 1.5+E-9 Xaw3d widget set
ii xlibs 6.8.2.dfsg.1-11 X Window System client libraries m
Versions of packages xboard recommends:
ii xfonts-100dpi 6.8.2.dfsg.1-11 100 dpi fonts for X
ii xfonts-75dpi 6.8.2.dfsg.1-11 75 dpi fonts for X
-- no debconf information
--
see shy jo
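The bug class this report describes, as an added example that is not taken from xboard or from the 4.2.7-3 fix: an unbounded copy of a command-line string beside a bounded one, replayed against the report's 1000-character input. `HOST_BUF`, the function names and the host `ics.example.org` are assumptions; the page shows neither xboard's code nor its buffer size.

```c
#include <stdio.h>
#include <string.h>

#define HOST_BUF 256 /* assumed size; the page does not give xboard's real buffer size */

/* The bug class from the report: no length check, so a 1000-byte
 * argument writes far past a HOST_BUF-byte destination. Shown for
 * contrast only; never call it with untrusted input. */
void set_host_unchecked(char *dst, const char *arg)
{
    strcpy(dst, arg);
}

/* Bounded form: copy only if arg plus its NUL fits in dst.
 * Returns 0 on success, -1 on NULL, empty or over-long input. */
int set_host_checked(char *dst, size_t dstlen, const char *arg)
{
    const char *end;

    if (dst == NULL || dstlen == 0 || arg == NULL)
        return -1;
    dst[0] = '\0';                     /* leave dst empty on any rejection */
    end = memchr(arg, '\0', dstlen);   /* look no further than dstlen bytes */
    if (end == NULL || end == arg)     /* does not fit, or empty */
        return -1;
    memcpy(dst, arg, (size_t)(end - arg) + 1);
    return 0;
}

/* Replays the report's input (1000 x 'a') against the bounded copy. */
int replay_report_input(void)
{
    char long_arg[1001];
    char host[HOST_BUF];

    memset(long_arg, 'a', 1000);
    long_arg[1000] = '\0';
    return set_host_checked(host, sizeof host, long_arg);
}

int main(void)
{
    char host[HOST_BUF];

    printf("constructed host: %d\n", set_host_checked(host, sizeof host, "ics.example.org"));
    printf("1000-byte host:   %d\n", replay_report_input());
    return 0;
}
```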
Acknowledgement sent to Florian Ernst <florian@uni-hd.de>: Extra info received and filed, but not forwarded.
Message #10 received at 343560-quiet@bugs.debian.org:
Hello Joey,
thanks a lot for the report.
On Thu, Dec 15, 2005 at 10:31:06PM -0500, Joey Hess wrote:
> Long -icshost parameters can crash xboard:
> [...]
> This bug is tracked as a security hole in CVE-2004-2552
> (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2552), but
> I'm not tagging the bug as a security hole since there is no known
> attack vector as xboard is not suid and is not normally called by programs
> with a different set of permissions.
I'll look into it this evening, hopefully uploading a fixed version.
Cheers,
Flo
Reply sent to Florian Ernst <florian@debian.org>: You have taken responsibility.
Notification sent to Joey Hess <joeyh@debian.org>: Bug acknowledged by developer.
Message #15 received at 343560-close@bugs.debian.org:
Source: xboard
Source-Version: 4.2.7-3
We believe that the bug you reported is fixed in the latest version of
xboard, which is due to be installed in the Debian FTP archive:
xboard_4.2.7-3.diff.gz
to pool/main/x/xboard/xboard_4.2.7-3.diff.gz
xboard_4.2.7-3.dsc
to pool/main/x/xboard/xboard_4.2.7-3.dsc
xboard_4.2.7-3_i386.deb
to pool/main/x/xboard/xboard_4.2.7-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 343560@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Florian Ernst <florian@debian.org> (supplier of updated xboard package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 16 Dec 2005 22:25:34 +0100
Source: xboard
Binary: xboard
Architecture: source i386
Version: 4.2.7-3
Distribution: unstable
Urgency: low
Maintainer: Florian Ernst <florian@debian.org>
Changed-By: Florian Ernst <florian@debian.org>
Description:
xboard - An X Window System Chess Board
Closes: 343560
Changes:
xboard (4.2.7-3) unstable; urgency=low
.
* Fix -icshost buffer overflow (Closes: #343560)
* Too many independent multi-file patches, so now moving to dpatch
Files:
b17b270b0829b594f69c5e1ebd737fcc 601 games optional xboard_4.2.7-3.dsc
c4beb999a96b48eaea40c924f47adae5 11489 games optional xboard_4.2.7-3.diff.gz
9ab76d0d88bd87c8a8e74d9b3117089d 520626 games optional xboard_4.2.7-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDozJfs3U+TVFLPnwRAjGgAJ0bPfFil5KnB5D5BNMjMIewZb9tVQCeOvLM
vBBvvpun4enUTkpKY4YRUt4=
=gWSA
-----END PGP SIGNATURE-----
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Jun 2007 02:29:16 GMT)
Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:31:10 2019.