curl: CVE-2018-1000301: RTSP bad headers buffer over-read

Debian Bug report logs - #898856


Package: curl; Maintainer for curl is Alessandro Ghedini <ghedo@debian.org>; Source for curl is src:curl (PTS, buildd, popcon).

Reported by: Chris Lamb <lamby@debian.org>

Date: Wed, 16 May 2018 18:00:02 UTC

Severity: grave

Tags: fixed-upstream, security, upstream

Found in versions curl/7.38.0-1, curl/7.26.0-1+wheezy13

Fixed in versions 7.38.0-4+deb8u11, 7.52.1-5+deb9u6, curl/7.60.0-1

Done: Alessandro Ghedini <ghedo@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, Alessandro Ghedini <ghedo@debian.org>:
Bug#898856; Package curl. (Wed, 16 May 2018 18:00:04 GMT)


Acknowledgement sent to Chris Lamb <lamby@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Alessandro Ghedini <ghedo@debian.org>. (Wed, 16 May 2018 18:00:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Chris Lamb <lamby@debian.org>
To: submit@bugs.debian.org
Subject: curl: CVE-2018-1000301: RTSP bad headers buffer over-read
Date: Wed, 16 May 2018 18:57:50 +0100

Package: curl
Version: 7.26.0-1+wheezy13
X-Debbugs-CC: team@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for curl:

 https://curl.haxx.se/docs/adv_2018-b138.html

It was given CVE number CVE-2018-1000301[0]:

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-1000301
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-



Marked as found in versions curl/7.38.0-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 16 May 2018 19:45:05 GMT)


Added tag(s) upstream and fixed-upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 16 May 2018 19:48:05 GMT)


Marked as fixed in versions 7.38.0-4+deb8u11. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 16 May 2018 20:06:03 GMT)


Marked Bug as done. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 16 May 2018 20:06:03 GMT)


Notification sent to Chris Lamb <lamby@debian.org>:
Bug acknowledged by developer. (Wed, 16 May 2018 20:06:04 GMT)


Marked as fixed in versions 7.52.1-5+deb9u6. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 16 May 2018 20:06:04 GMT)


Message sent on to Chris Lamb <lamby@debian.org>:
Bug#898856. (Wed, 16 May 2018 20:06:10 GMT)


Message #20 received at 898856-submitter@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: control@bugs.debian.org
Cc: 898856-submitter@bugs.debian.org
Subject: closing 898856, closing 898856
Date: Wed, 16 May 2018 22:02:28 +0200

close 898856 7.38.0-4+deb8u11
close 898856 7.52.1-5+deb9u6
thanks




Reply sent to Alessandro Ghedini <ghedo@debian.org>:
You have taken responsibility. (Fri, 18 May 2018 19:51:09 GMT)


Notification sent to Chris Lamb <lamby@debian.org>:
Bug acknowledged by developer. (Fri, 18 May 2018 19:51:09 GMT)


Message #25 received at 898856-close@bugs.debian.org:

From: Alessandro Ghedini <ghedo@debian.org>
To: 898856-close@bugs.debian.org
Subject: Bug#898856: fixed in curl 7.60.0-1
Date: Fri, 18 May 2018 19:49:25 +0000

Source: curl
Source-Version: 7.60.0-1

We believe that the bug you reported is fixed in the latest version of
curl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 898856@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alessandro Ghedini <ghedo@debian.org> (supplier of updated curl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 18 May 2018 20:21:17 +0100
Source: curl
Binary: curl libcurl3 libcurl3-gnutls libcurl3-nss libcurl4-openssl-dev libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-doc
Architecture: source
Version: 7.60.0-1
Distribution: unstable
Urgency: medium
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Description:
 curl       - command line tool for transferring data with URL syntax
 libcurl3   - easy-to-use client-side URL transfer library (OpenSSL flavour)
 libcurl3-gnutls - easy-to-use client-side URL transfer library (GnuTLS flavour)
 libcurl3-nss - easy-to-use client-side URL transfer library (NSS flavour)
 libcurl4-doc - documentation for libcurl
 libcurl4-gnutls-dev - development files and documentation for libcurl (GnuTLS flavour)
 libcurl4-nss-dev - development files and documentation for libcurl (NSS flavour)
 libcurl4-openssl-dev - development files and documentation for libcurl (OpenSSL flavour)
Closes: 891997 893546 898856
Changes:
 curl (7.60.0-1) unstable; urgency=medium
 .
   * New upstream release (Closes: #891997, #893546, #898856)
     + Fix use of IPv6 literals with NO_PROXY
     + Fix NIL byte out of bounds write due to FTP path trickery
       as per CVE-2018-1000120
       https://curl.haxx.se/docs/adv_2018-9cd6.html
     + Fix LDAP NULL pointer dereference as per CVE-2018-1000121
       https://curl.haxx.se/docs/adv_2018-97a2.html
     + Fix RTSP RTP buffer over-read as per CVE-2018-1000122
       https://curl.haxx.se/docs/adv_2018-b047.html
     + Fix heap buffer overflow when closing down an FTP connection
       with very long server command replies as per CVE-2018-1000300
       https://curl.haxx.se/docs/adv_2018-82c2.html
     + Fix heap buffer over-read when parsing bad RTSP headers
       as per CVE-2018-1000301
       https://curl.haxx.se/docs/adv_2018-b138.html
   * Refresh patches
   * Bump Standards-Version to 4.1.4 (no changes needed)
Checksums-Sha1:
 17ea89ff570f6466eaab758c5571e9537e3edea2 2678 curl_7.60.0-1.dsc
 31c68f25832ee3af7480a48d1d5dffbe6771df17 3949173 curl_7.60.0.orig.tar.gz
 3bd916f98238507af55094a476f94d5f683ab1f5 28044 curl_7.60.0-1.debian.tar.xz
 d7baa16151de879cb30d649457d02eca0becb5b6 11037 curl_7.60.0-1_amd64.buildinfo
Checksums-Sha256:
 bc0ff8df97daaef91be8492f006705620edb8129a91cf96bd52b321edccbe4be 2678 curl_7.60.0-1.dsc
 e9c37986337743f37fd14fe8737f246e97aec94b39d1b71e8a5973f72a9fc4f5 3949173 curl_7.60.0.orig.tar.gz
 9df332182666f04e07a676059942c6c4f7c786be84d938bcaf13bdb4e03c9c15 28044 curl_7.60.0-1.debian.tar.xz
 f598785e350d65c5632040cf60711194f099e7cf0ecc11238f398ae14beefa54 11037 curl_7.60.0-1_amd64.buildinfo
Files:
 c96352a68653156f136dea88a708710f 2678 web optional curl_7.60.0-1.dsc
 48eb126345d3b0f0a71a486b7f5d0307 3949173 web optional curl_7.60.0.orig.tar.gz
 337a49ee94c699e5d1778bd00e234d70 28044 web optional curl_7.60.0-1.debian.tar.xz
 7bb524e3fc07fab2a8101e7798b96480 11037 web optional curl_7.60.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 08 Aug 2018 07:43:21 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:26:41 2019; Machine Name: buxtehude
