[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#302864: marked as done (CAN-2005-0815: Multiple security problems in ISO9660 and Rockridge Code)

Your message dated Thu, 19 May 2005 06:47:46 -0400
with message-id <E1DYiZ8-0006pj-00@newraff.debian.org>
and subject line Bug#302864: fixed in kernel-source-2.4.27 2.4.27-10
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 3 Apr 2005 13:19:10 +0000
>From jmm@inutil.org Sun Apr 03 06:19:10 2005
Return-path: <jmm@inutil.org>
Received: from gluck.debian.org [192.25.206.10] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DI50Q-00054R-00; Sun, 03 Apr 2005 06:19:10 -0700
Received: from inutil.org (vserver151.vserver151.serverflex.de) [193.22.164.111] 
	by gluck.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DI50P-0000ty-00; Sun, 03 Apr 2005 07:19:09 -0600
Received: from p54897c78.dip.t-dialin.net ([84.137.124.120] helo=localhost.localdomain)
	by vserver151.vserver151.serverflex.de with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA:32)
	(Exim 4.50)
	id 1DI4xA-00057s-Ss
	for submit@bugs.debian.org; Sun, 03 Apr 2005 15:15:49 +0200
Received: from jmm by localhost.localdomain with local (Exim 4.50)
	id 1DI4x6-0002f3-IN; Sun, 03 Apr 2005 15:15:44 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <jmm@inutil.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CAN-2005-0815: Multiple security problems in ISO9660 and Rockridge Code
X-Mailer: reportbug 3.9
Date: Sun, 03 Apr 2005 15:15:44 +0200
Message-Id: <E1DI4x6-0002f3-IN@localhost.localdomain>
X-SA-Exim-Connect-IP: 84.137.124.120
X-SA-Exim-Mail-From: jmm@inutil.org
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond expanded to false
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: kernel-source-2.4.27
Severity: important
Tags: security patch

I'm sure you are already aware of this, but here it is nonetheless:

CAN-2005-0815 describes multiple problems in the ISO9660 and Rockridge-
Code that may lead to memory corruption and possibly code execution through
carefully crafted ISO images.

The relevant 2.4 patches from Bitkeeper are:
http://linux.bkbits.net:8080/linux-2.4/gnupatch@4244a417jb-ZTWgax2mcR2so3l3KaQ
http://linux.bkbits.net:8080/linux-2.4/gnupatch@4244a3d91w2q8hQzZefX9zsDlTlJtA
http://linux.bkbits.net:8080/linux-2.4/gnupatch@4244a3aeRsXj7r4AC7s1QgPvWpjtoA

Cheers,
        Moritz

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)

---------------------------------------
Received: (at 302864-close) by bugs.debian.org; 19 May 2005 10:51:53 +0000
>From katie@ftp-master.debian.org Thu May 19 03:51:53 2005
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DYid6-0007F0-00; Thu, 19 May 2005 03:51:53 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1DYiZ8-0006pj-00; Thu, 19 May 2005 06:47:46 -0400
From: Simon Horman <horms@debian.org>
To: 302864-close@bugs.debian.org
X-Katie: $Revision: 1.55 $
Subject: Bug#302864: fixed in kernel-source-2.4.27 2.4.27-10
Message-Id: <E1DYiZ8-0006pj-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Thu, 19 May 2005 06:47:46 -0400
Delivered-To: 302864-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 
X-CrossAssassin-Score: 5

Source: kernel-source-2.4.27
Source-Version: 2.4.27-10

We believe that the bug you reported is fixed in the latest version of
kernel-source-2.4.27, which is due to be installed in the Debian FTP archive:

kernel-doc-2.4.27_2.4.27-10_all.deb
  to pool/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10_all.deb
kernel-patch-debian-2.4.27_2.4.27-10_all.deb
  to pool/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10_all.deb
kernel-source-2.4.27_2.4.27-10.diff.gz
  to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10.diff.gz
kernel-source-2.4.27_2.4.27-10.dsc
  to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10.dsc
kernel-source-2.4.27_2.4.27-10_all.deb
  to pool/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10_all.deb
kernel-tree-2.4.27_2.4.27-10_all.deb
  to pool/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 302864@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon Horman <horms@debian.org> (supplier of updated kernel-source-2.4.27 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 16 May 2005 14:48:47 +0900
Source: kernel-source-2.4.27
Binary: kernel-tree-2.4.27 kernel-source-2.4.27 kernel-patch-debian-2.4.27 kernel-doc-2.4.27
Architecture: source all
Version: 2.4.27-10
Distribution: unstable
Urgency: low
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Simon Horman <horms@debian.org>
Description: 
 kernel-doc-2.4.27 - Linux kernel specific documentation for version 2.4.27
 kernel-patch-debian-2.4.27 - Debian patches to Linux 2.4.27
 kernel-source-2.4.27 - Linux kernel source for version 2.4.27 with Debian patches
 kernel-tree-2.4.27 - Linux kernel source tree for building Debian kernel images
Closes: 302704 302705 302864 305655 308757
Changes: 
 kernel-source-2.4.27 (2.4.27-10) unstable; urgency=low
 .
   * 155_net-bluetooth-signdness-fix.diff:
     [Security] Fix signedness problem at socket creation in bluetooth
     which can lead to local root exploit. See CAN-2005-0750
     (Simon Horman) (closes: Bug#302704)
 .
   * 156_fs-ext2-info-leak.diff:
     [Security] Fix information leak in ext2 which leads to
     a local information leak. See CAN-2005-0400
     (Simon Horman)
 .
   * 157_fs-isofs-range-check-1.diff, 157_fs-isofs-range-check-2.diff,
     157_fs-isofs-range-check-3.diff:
     [Security] Fix range checking in isofs which leads to a local crash
     and arbitary code execution.  See CAN-2005-0815
     (Simon Horman) (closes: #302864)
 .
   * 158_fs-binfmt_elf-dos.diff:
     Potential DOS in load_elf_library. See CAN-2005-0749
     (Simon Horman) (closes: #302705)
 .
   * 159_fs-cramfs-stat.diff
     Fix to stat output for cramfs
     (Simon Horman)
 .
   * 160_drivers-net-sis900-oops.diff
      sis900 kernel oops fix
     (Simon Horman)
 .
   * 161_drivers-net-amd8111e-irq.diff
     AMD8111e driver was releasing an irq in some error situations
     (Simon Horman)
 .
   * 162_drivers-net-via-rhine-irq.diff
     VIA Rhine driver was releasing an irq in some error situations
     (Simon Horman)
 .
   * 165_VM_IO.diff added, 140_VM_IO.diff removed:
     [CAN-2004-1057] Updated fix for DoS from accessing freed kernel pages.
     The previous fix seems to have cuased some problems and this
     is the one that is upstream.
     (Simon Horman, Dann Frazier)
 .
   * 164_net-ipv4-icmp-quench.diff:
      [CAN-2004-0790] Just silently ignore ICMP Source Quench messages.
      (Simon Horman)  (closes: #305655)
 .
   * 165_arch-ia64-kernel-missing-sysctl.diff:
      [CAN-2005-0137] Add missing sysctl slot for ia64 resolving
      local DoS. (Simon Horman)
 .
   * fs-binfmt_elf-dump-privelage.diff:
     Linux kernel ELF core dump privilege elevation
     See CAN-2005-1263. (closes: #308757). (Simon Horman)
Files: 
 59d9aeb90e71e4b6369a6b4986da690b 888 devel optional kernel-source-2.4.27_2.4.27-10.dsc
 0ccc5c9df0130e5da099cd1a7c8a7f64 688010 devel optional kernel-source-2.4.27_2.4.27-10.diff.gz
 157b883cbfb91812912c16728eb61fa0 633228 devel optional kernel-patch-debian-2.4.27_2.4.27-10_all.deb
 9478d7f77b06c30454ef7864d9487fd4 3576196 doc optional kernel-doc-2.4.27_2.4.27-10_all.deb
 3ae3d29a6b8a3de23a860627f3b440c3 31022934 devel optional kernel-source-2.4.27_2.4.27-10_all.deb
 15394d1f0d96b07955178f05296929e0 23348 devel optional kernel-tree-2.4.27_2.4.27-10_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCjGuZdu+M6Iexz7URAnSkAJ9SWaRWL1fYfJzpqtV+TXQ3LhkidgCgynIE
FHrCSlUvvU/NhZxzmELwM+0=
=kbKC
-----END PGP SIGNATURE-----
Reply to: