CVE-2007-3508: Integer overflow

Debian Bug report logs - #431858
CVE-2007-3508: Integer overflow

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Laurent Bonnaud <Laurent.Bonnaud@inpg.fr>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: CVE-2007-3508: Integer overflow

Date: Thu, 05 Jul 2007 15:54:10 +0200

Package: libc6
Version: 2.5-11
Severity: important


Hi,

here is the problem:

http://www.gentoo.org/security/en/glsa/glsa-200707-04.xml


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (100, 'unstable'), (99, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.21-2-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libc6 depends on:
ii  libgcc1                 1:4.2-20070627-1 GCC support library

libc6 recommends no packages.

-- no debconf information

Message #10 received at 431858@bugs.debian.org (full text, mbox, reply):

From: Pierre Habouzit <madcoder@debian.org>

To: Laurent Bonnaud <Laurent.Bonnaud@inpg.fr>, 431858@bugs.debian.org

Subject: Re: Bug#431858: CVE-2007-3508: Integer overflow

Date: Thu, 5 Jul 2007 21:12:58 +0200

[Message part 1 (text/plain, inline)]

On Thu, Jul 05, 2007 at 03:54:10PM +0200, Laurent Bonnaud wrote:
> Package: libc6
> Version: 2.5-11
> Severity: important
> 
> 
> Hi,
> 
> here is the problem:
> 
> http://www.gentoo.org/security/en/glsa/glsa-200707-04.xml

  FWIW this has been discussed with the security team already, there is
no way to exploit this, whatever the gentoo GLSA says. It does not mean
that we won't fix it, but it's not a big problem at all, I'm not even
sure it deserves the important severity :)

Cheers,
-- 
·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org

[Message part 2 (application/pgp-signature, inline)]

Message #15 received at 431858-close@bugs.debian.org (full text, mbox, reply):

From: Aurelien Jarno <aurel32@debian.org>

To: 431858-close@bugs.debian.org

Subject: Bug#431858: fixed in glibc 2.6-2

Date: Tue, 10 Jul 2007 09:32:06 +0000

Source: glibc
Source-Version: 2.6-2

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive:

glibc-doc_2.6-2_all.deb
  to pool/main/g/glibc/glibc-doc_2.6-2_all.deb
glibc_2.6-2.diff.gz
  to pool/main/g/glibc/glibc_2.6-2.diff.gz
glibc_2.6-2.dsc
  to pool/main/g/glibc/glibc_2.6-2.dsc
libc6-dbg_2.6-2_amd64.deb
  to pool/main/g/glibc/libc6-dbg_2.6-2_amd64.deb
libc6-dev-i386_2.6-2_amd64.deb
  to pool/main/g/glibc/libc6-dev-i386_2.6-2_amd64.deb
libc6-dev_2.6-2_amd64.deb
  to pool/main/g/glibc/libc6-dev_2.6-2_amd64.deb
libc6-i386_2.6-2_amd64.deb
  to pool/main/g/glibc/libc6-i386_2.6-2_amd64.deb
libc6-pic_2.6-2_amd64.deb
  to pool/main/g/glibc/libc6-pic_2.6-2_amd64.deb
libc6-prof_2.6-2_amd64.deb
  to pool/main/g/glibc/libc6-prof_2.6-2_amd64.deb
libc6-udeb_2.6-2_amd64.udeb
  to pool/main/g/glibc/libc6-udeb_2.6-2_amd64.udeb
libc6_2.6-2_amd64.deb
  to pool/main/g/glibc/libc6_2.6-2_amd64.deb
libnss-dns-udeb_2.6-2_amd64.udeb
  to pool/main/g/glibc/libnss-dns-udeb_2.6-2_amd64.udeb
libnss-files-udeb_2.6-2_amd64.udeb
  to pool/main/g/glibc/libnss-files-udeb_2.6-2_amd64.udeb
locales-all_2.6-2_amd64.deb
  to pool/main/g/glibc/locales-all_2.6-2_amd64.deb
locales_2.6-2_all.deb
  to pool/main/g/glibc/locales_2.6-2_all.deb
nscd_2.6-2_amd64.deb
  to pool/main/g/glibc/nscd_2.6-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 431858@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 10 Jul 2007 09:17:49 +0200
Source: glibc
Binary: libc0.1-prof libc6-dev-amd64 locales-all libc6-i686 libc6-dev-ppc64 libc0.3-pic glibc-doc libc0.3 libc6-dev-mipsn32 libc0.1-i686 libc0.1-i386 libc6-mips64 libc6.1-dev libc6-s390x libnss-files-udeb libc0.1-dev-i386 libc6-dev-sparc64 libc6-i386 libc0.3-dev libc6-udeb libc6-dbg libc6.1-pic libc6-dev libc0.3-prof libc6-sparcv9 libc0.1-udeb libc6-dev-i386 libc6.1-prof libc6-mipsn32 libc0.1-dev locales libc6-pic libc0.3-udeb libc6-dev-powerpc libc0.1-pic libc6-ppc64 libc0.3-dbg libc0.1-dbg libc6-amd64 libc0.1 libc6-prof libc6-xen libc6-dev-mips64 libc6-powerpc libc6 libc6-sparcv9b libc6.1-udeb libc6.1-dbg nscd libc6-sparc64 libnss-dns-udeb libc6.1 libc6-dev-s390x
Architecture: source amd64 all
Version: 2.6-2
Distribution: unstable
Urgency: low
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description: 
 glibc-doc  - GNU C Library: Documentation
 libc6      - GNU C Library: Shared libraries
 libc6-dbg  - GNU C Library: Libraries with debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc6-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-prof - GNU C Library: Profiling Libraries
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 428509 429487 431858
Changes: 
 glibc (2.6-2) unstable; urgency=low
 .
   [ Clint Adams ]
   * Add any/cvs-nis-nss-default.diff: preserve errno.
   * Add any/cvs-vfscanf.diff: add additional test for EOF
     in loop to look for conversion specifier to avoid testing of
     wrong errno value.
 .
   [ Aurelien Jarno ]
   * Add any/cvs-ld-integer-overflow.diff: fix an integer
     overflow in ld.so.  Closes: bug#431858.
   * hppa/submitted-multiple-threads.diff: new patch to fix an FTBFS on
     hppa.  Closes: bug#428509, bug#429487.
Files: 
 e6c88006999907130c4dbe1b478998d5 2292 libs required glibc_2.6-2.dsc
 1285f97c7cf9b86e754daf46ceee8459 665907 libs required glibc_2.6-2.diff.gz
 e2d64a25338d49646d0a9c46e4cc0d7c 1628732 doc optional glibc-doc_2.6-2_all.deb
 bfbb9d63113ee35addd2a41b6541cb34 4426222 libs standard locales_2.6-2_all.deb
 4456290b52ddf9fa7f0dd2173c3e5f58 4885602 libs required libc6_2.6-2_amd64.deb
 3957cf4be90e39ccad91eb4b30503481 2482136 libdevel optional libc6-dev_2.6-2_amd64.deb
 bd87f479a360e852a49c1e8ba13f8f13 1916128 libdevel extra libc6-prof_2.6-2_amd64.deb
 ab5306e9b5095a65fbdee2221f6e6873 1464722 libdevel optional libc6-pic_2.6-2_amd64.deb
 0bfbbf3db28fa128eaf7a21905253830 2613730 libs extra locales-all_2.6-2_amd64.deb
 3a4c740fd3b7dd6c7a9c7d2b18115e85 3706490 libs optional libc6-i386_2.6-2_amd64.deb
 5291eb1a436e832f7ef49a264f898198 1869704 libdevel optional libc6-dev-i386_2.6-2_amd64.deb
 32c1166025db954800f3df006fc9cc6d 162142 admin optional nscd_2.6-2_amd64.deb
 5c2a5d2d1e75a0e14b99dfe118a299af 5121270 libdevel extra libc6-dbg_2.6-2_amd64.deb
 63942a8ad72ba762685de8e5970b334a 1111162 debian-installer extra libc6-udeb_2.6-2_amd64.udeb
 25a4b9b58ea8b27e48e035888cf6ee89 9518 debian-installer extra libnss-dns-udeb_2.6-2_amd64.udeb
 f0819fe2e658b58701ee95ee7d99721a 17984 debian-installer extra libnss-files-udeb_2.6-2_amd64.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGk0Yrw3ao2vG823MRAgWZAJ4+QRxNNAMWI09UBMhQwW+OJgPiUwCfUus6
CI8eUlAuIB36JAOWr5dMKPo=
=0rqZ
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.