Debian Bug report logs -
#385893
CVE-2006-4262: Cscope Buffer Overflow Vulnerabilities
Reported by: Stefan Fritsch <sf@sfritsch.de>
Date: Sun, 3 Sep 2006 20:33:05 UTC
Severity: grave
Tags: patch, security
Found in versions 15.5+cvs20050816-2, 15.5-1.1sarge1
Fixed in versions 15.5+cvs20060902-1, 15.5-1.1sarge2
Done: Tobias Klauser <tklauser@access.unizh.ch>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian QA Group <packages@qa.debian.org>:
Bug#385893; Package cscope.
(full text, mbox, link).
Acknowledgement sent to Stefan Fritsch <sf@sfritsch.de>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian QA Group <packages@qa.debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: cscope
Severity: grave
Tags: security patch
Justification: user security hole
Some vulnerabilities have been found in cscope:
Multiple buffer overflows in cscope 15.5 and earlier allow
user-assisted attackers to cause a denial of service (crash) and
possibly execute arbitrary code via multiple vectors including (1) a
long pathname that is not properly handled during file list parsing,
(2) long pathnames that result from path variable expansion such as
tilde expansion for the HOME environment variable, and (3) a long -f
(aka reffile) command line argument.
The secunia advisory points to some patches:
http://secunia.com/advisories/21601
Message sent on to Stefan Fritsch <sf@sfritsch.de>:
Bug#385893.
(full text, mbox, link).
Message #8 received at 385893-submitter@bugs.debian.org (full text, mbox, reply):
Thanks for your report.
These vulnerabilities are fixed by the upload of 15.5+cvs20060902-1
(which is a CVS snapshot incorporating them). Obviously I was not
inspecting the upstream changelog good enough so this was not not
mentioned in the changelog. Sorry!
WRT to cscope in stable I can prepare patches if needed.
Thanks, Tobias
Bug marked as found in version 15.5+cvs20050816-2.
Request was from Stefan Fritsch <sf@sfritsch.de>
to control@bugs.debian.org.
(full text, mbox, link).
Bug marked as found in version 15.5-1.1sarge1.
Request was from Stefan Fritsch <sf@sfritsch.de>
to control@bugs.debian.org.
(full text, mbox, link).
Bug marked as fixed in version 15.5+cvs20060902-1, send any further explanations to Stefan Fritsch <sf@sfritsch.de>
Request was from Stefan Fritsch <sf@sfritsch.de>
to control@bugs.debian.org.
(full text, mbox, link).
Acknowledgement sent to Stefan Fritsch <sf@sfritsch.de>:
Extra info received and filed, but not forwarded.
(full text, mbox, link).
Message #19 received at 385893-quiet@bugs.debian.org (full text, mbox, reply):
package cscope
found 385893 15.5+cvs20050816-2
found 385893 15.5-1.1sarge1
close 385893 15.5+cvs20060902-1
thanks
> These vulnerabilities are fixed by the upload of 15.5+cvs20060902-1
> (which is a CVS snapshot incorporating them). Obviously I was not
> inspecting the upstream changelog good enough so this was not not
> mentioned in the changelog. Sorry!
No problem. Maybe you can add the CVE-id to the changelog on the next
upload. Thanks.
Cheers,
Stefan
Acknowledgement sent to Tobias Klauser <tklauser@access.unizh.ch>:
Extra info received and filed, but not forwarded.
(full text, mbox, link).
Message #24 received at 385893-quiet@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
On 2006-09-10 at 14:53:03 +0200, Moritz Muehlenhoff <jmm@inutil.org> wrote:
> Tobias Klauser wrote:
> > Thanks for your report.
> >
> > These vulnerabilities are fixed by the upload of 15.5+cvs20060902-1
> > (which is a CVS snapshot incorporating them). Obviously I was not
> > inspecting the upstream changelog good enough so this was not not
> > mentioned in the changelog. Sorry!
> >
> > WRT to cscope in stable I can prepare patches if needed.
>
> Please go ahead.
Attached is the patch against cscope-15.5-1.1sarge1. It was taken from
upstream CVS according to the changelog [1] and adapted to this version.
[1]
http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500
I built the package with the patch applied on sarge with pbuilder and
there were no problems.
Hope that helps,
Tobias
[cve-2006-4262.diff (text/plain, attachment)]
[signature.asc (application/pgp-signature, inline)]
Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
Extra info received and filed, but not forwarded.
(full text, mbox, link).
Message #29 received at 385893-quiet@bugs.debian.org (full text, mbox, reply):
Tobias Klauser wrote:
> Attached is the patch against cscope-15.5-1.1sarge1. It was taken from
> upstream CVS according to the changelog [1] and adapted to this version.
Thanks, update is building now.
Cheers,
Moritz
Bug marked as fixed in version 15.5-1.1sarge2, send any further explanations to Stefan Fritsch <sf@sfritsch.de>
Request was from Tobias Klauser <tklauser@access.unizh.ch>
to control@bugs.debian.org.
(full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Wed, 27 Jun 2007 04:47:08 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 17:35:54 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon