Debian Bug report logs - #793468 squashfs-tools: CVE-2015-4646
Reported by: Romeo Papa <romeopapa@caramail.com>
Date: Fri, 24 Jul 2015 10:15:01 UTC
Severity: normal
Tags: patch, security, upstream
Found in version squashfs-tools/1:4.2+20130409-2
Fixed in version squashfs-tools/1:4.3-2
Done: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Filesystems Group <filesystems-devel@lists.alioth.debian.org>: Bug#793468; Package src:squashfs-tools. (Fri, 24 Jul 2015 10:15:05 GMT)
Acknowledgement sent to Romeo Papa <romeopapa@caramail.com>: New Bug report received and forwarded. Copy sent to Filesystems Group <filesystems-devel@lists.alioth.debian.org>. (Fri, 24 Jul 2015 10:15:05 GMT)
Message #5 received at submit@bugs.debian.org:
Source: squashfs-tools
Version: 1:4.2+20130409-2
Severity: normal
Hello,
Filing a bug for CVE-2015-4646:
> we run into an unrelated problem in which the stack VLA
> allocation of fragment_table_index[] can easily exceed RLIMIT_STACK
Described here:
https://github.com/devttys0/sasquatch/pull/5
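As an added illustration (this is not code from squashfs-tools, from this bug report, or from the sasquatch pull request), the C below reconstructs the failure mode the quoted message describes and that the closing changelog entry for CVE-2015-4646 records: a fragment index table sized by a count read from the untrusted image header. `read_fragment_index_vla` places that table in a stack VLA, so a pathological count claims a frame far larger than the usual RLIMIT_STACK before any bounds check can run; `read_fragment_index_heap` first bounds the count by what the image could physically hold and then takes the table from the heap, where a refused request is a NULL return rather than a fault. The struct and function names, the 8-byte index slot and the 512 entries per metadata block are assumptions chosen for this example, not squashfs-tools' own definitions.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>

/* Constructed stand-in for the header fields a table reader trusts.
 * Hypothetical names; this is not squashfs-tools' real superblock. */
struct hyp_superblock {
    uint32_t fragments;  /* fragment count claimed by the image header */
    int64_t  bytes_used; /* total image size, also taken from the header */
};

/* Assumed layout: each index slot is an 8-byte block offset and each
 * metadata block holds ENTRIES_PER_BLOCK fragment entries. */
#define INDEX_SLOT_BYTES  8
#define ENTRIES_PER_BLOCK 512

/* Index slots needed for `fragments` entries, rounded up. Widened to 64 bits
 * so the "+ 511" cannot wrap for counts near UINT32_MAX. */
uint64_t index_slots(uint32_t fragments)
{
    return ((uint64_t)fragments + ENTRIES_PER_BLOCK - 1) / ENTRIES_PER_BLOCK;
}

/* Bytes a stack VLA `int64_t index[index_slots(fragments)]` would occupy. */
uint64_t vla_table_bytes(uint32_t fragments)
{
    return index_slots(fragments) * INDEX_SLOT_BYTES;
}

/* 1 if a frame of `bytes` exceeds the current soft RLIMIT_STACK, 0 if it
 * fits or the limit is unlimited, -1 if the limit cannot be read. */
int exceeds_stack_limit(uint64_t bytes)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_STACK, &rl) != 0)
        return -1;
    if (rl.rlim_cur == RLIM_INFINITY)
        return 0;
    return bytes >= (uint64_t)rl.rlim_cur;
}

/* Weak pattern: the table is a VLA sized straight from the header. With
 * fragments = UINT32_MAX the frame alone is 64 MiB, far above the common
 * 8 MiB limit, and the process faults on entry. main() below therefore only
 * feeds it the sane constructed header. */
uint64_t read_fragment_index_vla(const struct hyp_superblock *sb)
{
    uint64_t slots = index_slots(sb->fragments);
    int64_t fragment_table_index[slots]; /* VLA sized by untrusted data */
    for (uint64_t i = 0; i < slots; i++)
        fragment_table_index[i] = 0;     /* stand-in for reading offsets */
    return slots;
}

/* Hardened pattern: reject counts the image could not hold, then allocate on
 * the heap. Returns NULL with errno = EINVAL (implausible header) or ENOMEM. */
int64_t *read_fragment_index_heap(const struct hyp_superblock *sb,
                                  uint64_t *slots_out)
{
    uint64_t slots = index_slots(sb->fragments);

    /* Every index slot is itself stored inside the image, so an image of
     * bytes_used bytes cannot contain more than bytes_used / 8 slots. */
    if (sb->bytes_used <= 0 ||
        slots > (uint64_t)sb->bytes_used / INDEX_SLOT_BYTES) {
        errno = EINVAL;
        return NULL;
    }
    /* calloc(0, ...) may legitimately return NULL; keep a one-slot minimum. */
    int64_t *table = calloc(slots ? (size_t)slots : 1, sizeof *table);
    if (table == NULL) {
        errno = ENOMEM;
        return NULL;
    }
    *slots_out = slots;
    return table;
}

/* Checks a constructed header through the hardened reader:
 * 1 = accepted (table allocated and released), 0 = rejected. */
int header_accepted(uint32_t fragments, int64_t bytes_used)
{
    struct hyp_superblock sb = { fragments, bytes_used };
    uint64_t slots = 0;
    int64_t *table = read_fragment_index_heap(&sb, &slots);
    if (table == NULL)
        return 0;
    free(table);
    return 1;
}

int main(void)
{
    /* Constructed headers: a sane 1 MiB image with 1000 fragments, and the
     * same 1 MiB image claiming the maximum fragment count. */
    struct hyp_superblock sane = { 1000, 1 << 20 };
    uint32_t hostile = UINT32_MAX;

    printf("sane: VLA %llu bytes, slots %llu, hardened accepted=%d\n",
           (unsigned long long)vla_table_bytes(sane.fragments),
           (unsigned long long)read_fragment_index_vla(&sane),
           header_accepted(sane.fragments, sane.bytes_used));
    printf("hostile: VLA %llu bytes (exceeds RLIMIT_STACK: %d), hardened accepted=%d\n",
           (unsigned long long)vla_table_bytes(hostile),
           exceeds_stack_limit(vla_table_bytes(hostile)),
           header_accepted(hostile, 1 << 20));
    return 0;
}
```

The plausibility bound (slots bounded by image size divided by slot size) is deliberately coarse; its job is only to stop the allocation size being chosen by the file rather than by the data actually present, after which the heap allocator's own failure path handles anything else.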
Information forwarded to debian-bugs-dist@lists.debian.org, Filesystems Group <filesystems-devel@lists.alioth.debian.org>: Bug#793468; Package src:squashfs-tools. (Fri, 24 Jul 2015 10:27:06 GMT)
Acknowledgement sent to Romeo Papa <romeopapa@caramail.com>: Extra info received and forwarded to list. Copy sent to Filesystems Group <filesystems-devel@lists.alioth.debian.org>. (Fri, 24 Jul 2015 10:27:06 GMT)
Message #10 received at 793468@bugs.debian.org:
Following up is a debdiff that:
* Fixes CVE-2015-4645 and CVE-2015-4646
* Upgrades to squashfs-tools 4.3
* Updates the man pages
Information forwarded to debian-bugs-dist@lists.debian.org, Filesystems Group <filesystems-devel@lists.alioth.debian.org>: Bug#793468; Package src:squashfs-tools. (Fri, 24 Jul 2015 10:57:04 GMT)
Acknowledgement sent to Romeo Papa <romeopapa@caramail.com>: Extra info received and forwarded to list. Copy sent to Filesystems Group <filesystems-devel@lists.alioth.debian.org>. (Fri, 24 Jul 2015 10:57:04 GMT)
Message #15 received at 793468@bugs.debian.org:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It seems I am unable to send the debdiff file directly through email.
I have therefore hosted the diff on PasteBin.
Here is the highlighted code: http://pastebin.com/HcViHJBW
Here is the raw code: http://pastebin.com/raw.php?i=HcViHJBW
Thanks.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
Added tag(s) security and upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 24 Jul 2015 11:27:04 GMT)
Added tag(s) patch. Request was from Jérémy Bobbio <lunar@debian.org> to control@bugs.debian.org. (Tue, 04 Aug 2015 07:18:03 GMT)
Reply sent to Laszlo Boszormenyi (GCS) <gcs@debian.org>: You have taken responsibility. (Wed, 09 Sep 2015 19:21:24 GMT)
Notification sent to Romeo Papa <romeopapa@caramail.com>: Bug acknowledged by developer. (Wed, 09 Sep 2015 19:21:24 GMT)
Message #24 received at 793468-close@bugs.debian.org:
Source: squashfs-tools
Source-Version: 1:4.3-2
We believe that the bug you reported is fixed in the latest version of
squashfs-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 793468@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <gcs@debian.org> (supplier of updated squashfs-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 07 Sep 2015 18:03:49 +0200
Source: squashfs-tools
Binary: squashfs-tools squashfs-tools-dbg
Architecture: source amd64
Version: 1:4.3-2
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
squashfs-tools - Tool to create and append to squashfs filesystems
squashfs-tools-dbg - Tool to create and append to squashfs filesystems (debug)
Closes: 749878 754234 793467 793468 798268
Changes:
squashfs-tools (1:4.3-2) unstable; urgency=high
.
  * Fix security issues:
    - CVE-2015-4645 - stack overflow in read_fragment_table_4
      (closes: #793467),
    - CVE-2015-4646 - stack overflow in read_fragment_table_4 due to fix for
      CVE-2015-4645 (closes: #793468).
  * Fix phys mem calculation for 32-bit processes on PAE/64-bit kernels
    (closes: #798268).
  * Build with XZ Utils liblzma (closes: #754234, #749878).
  * Update 0001-kfreebsd.patch to fix kFreeBSD FTBFS.
Checksums-Sha1:
3c115e79a0c0ddfb1080c6837f767a06c48b89d8 2004 squashfs-tools_4.3-2.dsc
e0f85e23282d662c285170f41721d0d390945e4c 14088 squashfs-tools_4.3-2.debian.tar.xz
e95fb39e1413ea8a2abdcc894d913bcb99c12c7a 303762 squashfs-tools-dbg_4.3-2_amd64.deb
1278f8f132e17c574fbcd28a40173f46cdb597f1 119732 squashfs-tools_4.3-2_amd64.deb
Checksums-Sha256:
2b707af906bb9856cc1d763ba9db175f79e8e99c051afa8ba41441b5c1fab61d 2004 squashfs-tools_4.3-2.dsc
a2442f69c7e3ec7e8f030a6742e185ff6af148688e660a8aa880e402fcb66489 14088 squashfs-tools_4.3-2.debian.tar.xz
fda0e5d7b5a2808ba8ab7db9de3bb5ab9a01cd63128d82d403d420a187025a9d 303762 squashfs-tools-dbg_4.3-2_amd64.deb
9aff7e08e6d4a95127b25a54921ef5b85e1c0c4a11e10d03c758f5dd574f8274 119732 squashfs-tools_4.3-2_amd64.deb
Files:
5595e4d2c9a4ba9870852b14eb221931 2004 kernel optional squashfs-tools_4.3-2.dsc
febc54a9ad45cb88d17478df7516d3c3 14088 kernel optional squashfs-tools_4.3-2.debian.tar.xz
bb41bba7edeb9df878436377dc31eaba 303762 debug extra squashfs-tools-dbg_4.3-2_amd64.deb
9dfc585d883e6e2d4f43cb7017cdf9ea 119732 kernel optional squashfs-tools_4.3-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 10 Oct 2015 07:34:21 GMT)
Last modified: Wed Jun 19 16:48:44 2019