Your message dated Wed, 19 Dec 2007 18:32:08 +0000 with message-id <E1J53iC-0002Mp-0D@ries.debian.org> and subject line Bug#453408: fixed in glibc 2.7-5 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: libc6 2.7-3 vfscanf() illegal free()
- From: "Kalle A. Sandstr\"om" <ksandstr@iki.fi>
- Date: Thu, 13 Dec 2007 23:12:27 +0200
- Message-id: <[🔎] 20071213211226.GA12035@molukki.ath.cx>
- Reply-to: ksandstr@iki.fi
Package: libc6 Version: 2.7-4 libc6 as found in testing and in unstable (versions 2.7-3 and 2.7-4 respectively) have a bug in the vfscanf() implementation, found in the file glibc-2.7/stdio-common/vfscanf.c . The bug causes a pointer originally procured from alloca() to be passed to free(), resulting in a predictable kaboom. The GNU libc development team has since fixed this bug, according to the CVS browser view at [1]; note revision 1.128 in particular. This issue turned up while trying to use genext2fs after a libc6 upgrade from testing. The genext2fs package has an apparently related FTBFS bug logged on it right now. I would characterize this bug as critical: it causes previously working programs to crash through no fault of their own, and might be speculated to affect any program that took the easy route with configuration parsing by feeding input lines to sscanf(), much as genext2fs does. [1] http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/stdio-common/vfscanf.c?cvsroot=glibc -- Kalle A. Sandstro"m ksandstr@iki.fi 746B 4B14: BFB5 6D3B 0758 CFBE 11F9 DF41 4C28 67FB 746B 4B14 void *truth = &truth; http://iki.fi/ksandstr/Attachment: signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
- To: 453408-close@bugs.debian.org
- Subject: Bug#453408: fixed in glibc 2.7-5
- From: Aurelien Jarno <aurel32@debian.org>
- Date: Wed, 19 Dec 2007 18:32:08 +0000
- Message-id: <E1J53iC-0002Mp-0D@ries.debian.org>
Source: glibc Source-Version: 2.7-5 We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive: glibc-doc_2.7-5_all.deb to pool/main/g/glibc/glibc-doc_2.7-5_all.deb glibc_2.7-5.diff.gz to pool/main/g/glibc/glibc_2.7-5.diff.gz glibc_2.7-5.dsc to pool/main/g/glibc/glibc_2.7-5.dsc libc6-dbg_2.7-5_amd64.deb to pool/main/g/glibc/libc6-dbg_2.7-5_amd64.deb libc6-dev-i386_2.7-5_amd64.deb to pool/main/g/glibc/libc6-dev-i386_2.7-5_amd64.deb libc6-dev_2.7-5_amd64.deb to pool/main/g/glibc/libc6-dev_2.7-5_amd64.deb libc6-i386_2.7-5_amd64.deb to pool/main/g/glibc/libc6-i386_2.7-5_amd64.deb libc6-pic_2.7-5_amd64.deb to pool/main/g/glibc/libc6-pic_2.7-5_amd64.deb libc6-prof_2.7-5_amd64.deb to pool/main/g/glibc/libc6-prof_2.7-5_amd64.deb libc6-udeb_2.7-5_amd64.udeb to pool/main/g/glibc/libc6-udeb_2.7-5_amd64.udeb libc6_2.7-5_amd64.deb to pool/main/g/glibc/libc6_2.7-5_amd64.deb libnss-dns-udeb_2.7-5_amd64.udeb to pool/main/g/glibc/libnss-dns-udeb_2.7-5_amd64.udeb libnss-files-udeb_2.7-5_amd64.udeb to pool/main/g/glibc/libnss-files-udeb_2.7-5_amd64.udeb locales-all_2.7-5_amd64.deb to pool/main/g/glibc/locales-all_2.7-5_amd64.deb locales_2.7-5_all.deb to pool/main/g/glibc/locales_2.7-5_all.deb nscd_2.7-5_amd64.deb to pool/main/g/glibc/nscd_2.7-5_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 453408@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 19 Dec 2007 01:22:06 +0100 Source: glibc Binary: libc0.1-prof libc6.1-alphaev67 libc6-dev-amd64 locales-all libc6-i686 libc6-dev-ppc64 libc0.3-pic glibc-doc libc0.3 libc6-dev-mipsn32 libc0.1-i686 libc0.1-i386 libc6-mips64 libc6.1-dev libc6-s390x libnss-files-udeb libc0.1-dev-i386 libc6-dev-sparc64 libc6-i386 libc0.3-dev libc6-udeb libc6-dbg libc6.1-pic libc6-dev libc0.3-prof libc0.1-udeb libc6-dev-i386 libc6.1-prof libc6-mipsn32 libc0.1-dev locales libc6-pic libc0.3-udeb libc6-dev-powerpc libc0.1-pic libc6-ppc64 libc0.3-dbg libc0.1-dbg libc6-amd64 libc0.1 libc6-prof libc6-xen libc6-dev-mips64 libc6-powerpc libc6 libc6-sparcv9b libc6.1-udeb libc6.1-dbg nscd libc6-sparc64 libnss-dns-udeb libc6.1 libc6-dev-s390x Architecture: source amd64 all Version: 2.7-5 Distribution: unstable Urgency: low Maintainer: Aurelien Jarno <aurel32@debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Description: glibc-doc - GNU C Library: Documentation libc6 - GNU C Library: Shared libraries libc6-dbg - GNU C Library: Libraries with debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-dev-i386 - GNU C Library: 32bit development libraries for AMD64 libc6-i386 - GNU C Library: 32bit shared libraries for AMD64 libc6-pic - GNU C Library: PIC archive library libc6-prof - GNU C Library: Profiling Libraries libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb) locales - GNU C Library: National Language (locale) data [support] locales-all - GNU C Library: Precompiled locale data nscd - GNU C Library: Name Service Cache Daemon Closes: 453408 453899 455603 455783 456260 456779 Changes: glibc (2.7-5) unstable; urgency=low . [ Aurelien Jarno ] * Moved merged parts of patches/any/submitted-sched_h.diff into patches/any/cvs-sched_h.diff. * patches/any/cvs-ether_line.diff: new patch from upstream to fix ether_line(). Closes: bug#453899. * patches/any/cvs-vfscanf.diff: new patch from upstream to fix crash when %as is used with sscanf(). Closes: bug#453408. * debian/rules: also set CXX when cross-compiling. * patches/any/submitted-malloc_h.diff: removed, replaced by patches/any/cvs-wchar_h.diff. * debian/sysdeps/depflags.pl: conflict against tzdata (<< 2007j-2) as etch now have version 2007j-1etch1. Closes: bug#455783. * debian/sysdeps/depflags.pl: suggests libc6-i686 on i386 architecture. Closes: bug#455603. * any/submitted-rfc3484-labels.diff: new patch to fix RFC 3484 default label ordering. Closes: bug#456779. * patches/alpha/local-dl-procinfo.diff: add missing part. Closes: bug#456260. . [ Petr Salinger] * kfreebsd/local-sysdeps.diff: update to revision 2082 (from glibc-bsd). * any/cvs-fchmodat.diff: properly declare as stub - needed by GNU/kFreeBSD. . [ Samuel Thibault] * patches/hurd-i386/submitted-ioctl-unsigned-size_t.diff: update to also handle unsigned char/int/short/long and ssize_t. Files: 361dd96941a59f2aef46bb9ad9ba3ee6 2072 libs required glibc_2.7-5.dsc 0011d41ff261625c1754af61040c64a3 675390 libs required glibc_2.7-5.diff.gz 975f3462f7d8774f2a81aaa8c0fc60f5 1623962 doc optional glibc-doc_2.7-5_all.deb 5abfe8de9c1edaffc49e5273a0cfb321 4486002 libs standard locales_2.7-5_all.deb 2d70d766d5c721c3486071635344e263 4992748 libs required libc6_2.7-5_amd64.deb ebf51cbd7a6f29c0a2fadf2a98469218 2530166 libdevel optional libc6-dev_2.7-5_amd64.deb 884738826550a7bbe3e80ec562e94bff 1961766 libdevel extra libc6-prof_2.7-5_amd64.deb 77a6841b1962ed27e3a453d93048d889 1481630 libdevel optional libc6-pic_2.7-5_amd64.deb 541ac14a7f00ef0916e5f2be5ab12444 2730022 libs extra locales-all_2.7-5_amd64.deb 398e6f6a56d4398bc55aabb3cebc5054 3735604 libs optional libc6-i386_2.7-5_amd64.deb 7f8d5b40c4cb1cafb43177a9fe062d28 1430482 libdevel optional libc6-dev-i386_2.7-5_amd64.deb 5265a7d9c9b0ac1edb308ddfeb1cc2f6 170498 admin optional nscd_2.7-5_amd64.deb a5b657ed998b8f9bd43cc5ff24f06a6e 5317476 libdevel extra libc6-dbg_2.7-5_amd64.deb 8c903d8677e3829c7237ca50e61e6be0 1129200 debian-installer extra libc6-udeb_2.7-5_amd64.udeb d7d190f4ef4276a128f3360588248c70 9744 debian-installer extra libnss-dns-udeb_2.7-5_amd64.udeb 88126b6ec721be6fb1b377019fd5e068 18012 debian-installer extra libnss-files-udeb_2.7-5_amd64.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHaVGJw3ao2vG823MRAls+AJ9FC6Kzv1jK5rSRnESBR6O2yeppyACeP7Pt 4djm+On05Bb5rZJRIXAAgS8= =HVLP -----END PGP SIGNATURE-----
--- End Message ---