dhcpcd5: CVE-2019-11766: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE

Debian Bug report logs - #928440
dhcpcd5: CVE-2019-11766: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: "Timo Sigurdsson" <public_timo.s@silentcreek.de>

To: submit@bugs.debian.org, team@security.debian.org

Subject: dhcpcd5: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE

Date: Sat, 4 May 2019 20:08:38 +0200 (CEST)

Package: dhcpcd5
Version: 7.1.0-1
Severity: serious
Tags: security upstream fixed-upstream

Dear Maintainer,

another week - another bug ;) Upstream released version 7.2.2 of dhcpcd5 fixing another potential security issue in DHCPv6. All versions currently supported in Debian (jessie, stretch, buster, sid) seem to be vulnerable [1].

The following issue has been fixed (copied from upstream's announcement):
  *  DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE


Upstream provides two patches for version 7 which would be relevant for buster and sid [2][3]. In addition, version 6.10.7 was released addressing the same issue. The patches from this release might be useful for backporting to stretch and jessie [4][5].

Please consider applying/backporting those patches in your next round of uploads.

Thanks and regards,

Timo

[1] https://roy.marples.name/archives/dhcpcd-discuss/0002428.html
[2] https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-7&id=c1ebeaafeb324bac997984abdcee2d4e8b61a8a8
[3] https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-7&id=896ef4a54b0578985e5e1360b141593f1d62837b
[4] https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-6&id=c8887c666aacd01bc8f420d617d538cb9fef54f3
[5] https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-6&id=eb7aee47581bea64a93080abbde06bd6714321e6

Message #10 received at 928440@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Timo Sigurdsson <public_timo.s@silentcreek.de>, 928440@bugs.debian.org

Cc: team@security.debian.org

Subject: Re: Bug#928440: dhcpcd5: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE

Date: Sun, 5 May 2019 10:30:07 +0200

Control: retitle -1 dhcpcd5: CVE-2019-11766: DHCPv6: Potential read overflow with D6_OPTION_PD_EXCLUDE

Hi,

On Sat, May 04, 2019 at 08:08:38PM +0200, Timo Sigurdsson wrote:
> Package: dhcpcd5
> Version: 7.1.0-1
> Severity: serious
> Tags: security upstream fixed-upstream
> 
> Dear Maintainer,
> 
> another week - another bug ;) Upstream released version 7.2.2 of
> dhcpcd5 fixing another potential security issue in DHCPv6. All
> versions currently supported in Debian (jessie, stretch, buster,
> sid) seem to be vulnerable [1].
> 
> The following issue has been fixed (copied from upstream's announcement):
>   *  DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE
> 
> 
> Upstream provides two patches for version 7 which would be relevant
> for buster and sid [2][3]. In addition, version 6.10.7 was released
> addressing the same issue. The patches from this release might be
> useful for backporting to stretch and jessie [4][5].
> 
> Please consider applying/backporting those patches in your next
> round of uploads.

This issue has been assigned CVE-2019-11766 by MITRE.

Regards,
Salvatore

Message #17 received at 928440-close@bugs.debian.org (full text, mbox, reply):

From: Scott Leggett <scott@sl.id.au>

To: 928440-close@bugs.debian.org

Subject: Bug#928440: fixed in dhcpcd5 7.1.0-2

Date: Tue, 07 May 2019 15:48:35 +0000

Source: dhcpcd5
Source-Version: 7.1.0-2

We believe that the bug you reported is fixed in the latest version of
dhcpcd5, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 928440@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Scott Leggett <scott@sl.id.au> (supplier of updated dhcpcd5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 05 May 2019 21:55:14 +0800
Source: dhcpcd5
Binary: dhcpcd5 dhcpcd5-dbgsym
Architecture: source amd64
Version: 7.1.0-2
Distribution: unstable
Urgency: high
Maintainer: Scott Leggett <scott@sl.id.au>
Changed-By: Scott Leggett <scott@sl.id.au>
Description:
 dhcpcd5    - DHCPv4, IPv6RA and DHCPv6 client with IPv4LL support
Closes: 928056 928104 928105 928440
Changes:
 dhcpcd5 (7.1.0-2) unstable; urgency=high
 .
   * Apply upstream patches to fix potential security vulnerabilities:
     CVE-2019-11578, CVE-2019-11579, CVE-2019-11577, and CVE-2019-11766.
     (Closes: #928056, #928104, #928105, #928440)
   * Add lintian override for upstream patch spelling
Checksums-Sha1:
 6d7058d48b9456da69d0fb7370ff27567aa4b83a 1932 dhcpcd5_7.1.0-2.dsc
 3a3fd4013fb0a21097319713b3af168190f26ae4 13524 dhcpcd5_7.1.0-2.debian.tar.xz
 75f83a28ce2e103a274ae7c8157adaaee1bb362a 425436 dhcpcd5-dbgsym_7.1.0-2_amd64.deb
 d64151559e91dc2b36ba530f869d1abbd988b2cf 5500 dhcpcd5_7.1.0-2_amd64.buildinfo
 eaeb6d6ac60b03b5578397bfa9978d5570f88993 163448 dhcpcd5_7.1.0-2_amd64.deb
Checksums-Sha256:
 6defc54426e666561d850792d903ed3136a435021ed35219883823317f91fbfd 1932 dhcpcd5_7.1.0-2.dsc
 5cd77586c7fe16207828ce23df70638f4a0d46040eefe0237299394802d11890 13524 dhcpcd5_7.1.0-2.debian.tar.xz
 1387dd61520f487be36a08b540861d97897739842a24933616d83e69279b3089 425436 dhcpcd5-dbgsym_7.1.0-2_amd64.deb
 5e69c2fcfb29319364654de3dba1e267d43d0e42fffb3aa1d2a2b05adcf23a01 5500 dhcpcd5_7.1.0-2_amd64.buildinfo
 7b7d4dd0416616232df3add2cc4d462adae9206e0e56ac2ee29134fb76d86f24 163448 dhcpcd5_7.1.0-2_amd64.deb
Files:
 8f5f652f1a080f00a97909b30f99614a 1932 net optional dhcpcd5_7.1.0-2.dsc
 9fd8b0b0731d3b6acd9130559673ce50 13524 net optional dhcpcd5_7.1.0-2.debian.tar.xz
 1364ae4b938da32dfbc3aab67eeed050 425436 debug optional dhcpcd5-dbgsym_7.1.0-2_amd64.deb
 8de3c768961cda5d1c2cc1f37f872888 5500 net optional dhcpcd5_7.1.0-2_amd64.buildinfo
 4914574c4a470c0e4823b440a311e6de 163448 net optional dhcpcd5_7.1.0-2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEEQ0m4g1ajFzrQYHfBYJV0Vg0xPN0FAlzRluwPHHNjb3R0QHNs
LmlkLmF1AAoJEGCVdFYNMTzdb0UP/39O9jCsuCcP/lC9QoKmU57u60SvOkyCW+Nf
q2spmiiXX113r9CaFiTFnFJLfMH1mHNvw11sx6SUJOUIzGShf7+6jap6VU2bMjlb
gmUMAknRctfD6jQ0vvncgUwHuIzmLrXcatz6+M0A/G71bT8Eq3P6HHIxqQOUozRH
nQVE+S7dnew1KTfvWAcX8LXiGS4o/h4ark/Efb1uArT7tXkqcZ/6tyinT573A6Zf
Tr/nnBHmyHpgEoTFoOK0g/YrlWrorhMu3bCYoWCO9Dht22dCOHzBaB2oESNCB5KG
sZNrgslD+NE+5IT61lGi0T8rX1XQe6NwABtBR2FORI+GVpnf8W+F6qypZvn4RJLn
kp0RbUoqEmzWsfEI5UjoJ0tWAnhMoBtscYro9cCRu3+ZWi4ZHiAwVCtyg56105v8
Cbta8Gg+SZPiGK0A+Hg40i4yYqzeOE0glN35PnxxXz3n1Rl/HQzRsyraDWOL1oQp
LvXYc5yR9yZPcxd4qsP0fjyc0bsE/Bl01M3/55TRlN8ysgAx8bAgcDKZX20bjKJJ
5EWyFWwRJLhlFm2NEnDaeuGWCF3pPLr3QtaOq+VRAVRMkQ5CEFp5U1NGeDJMd0M+
AweaJGRoq0TijZGEM247ldUMG0uW7TpexQhjxtGcVtwVtsnjkYpK41I+ABbrUCeM
KPukZKaX
=TF9O
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.