
Re: [DEBIAN-LTS] ettercap package



Hi dear Nguyen,

for me if it applies to ettercap/squeeze cleanly it is fine :)

Let's wait for Raphael, I don't have any more issues!

Cheers,

G.





On Saturday, 27 December 2014 5:04, Nguyen Cong <cong.nguyenthe@toshiba-tsdv.com> wrote:
Dear Gianfranco Costamagna,

Many thanks for your comments.
> I would say "two" here, because the other vulnerabilities are not available here
Yes. My bad, stupid mistake :(. It has been corrected.
> only in patch2:
> unchanged:
>
> I would remove the two lines above; I don't know why they are here, but they seem not to be useful at all
I don't understand either. Could anyone please give me an idea for fixing
this problem?

I attached the newest debdiff file. I hope this is nearly good enough.

Thanks and best regards
Cong

On 26/12/2014 14:29, Gianfranco Costamagna wrote:
> Hi Nguyen,
>
> for me (note: I don't have any upload power, so my opinion counts less than 0 here) :)
> --- ettercap-0.7.3/debian/changelog
> +++ ettercap-0.7.3/debian/changelog
> [snip]
>
> fine for me, do not need to mention me at all :)
>
>
> --- ettercap-0.7.3/debian/patches/series
> +++ ettercap-0.7.3/debian/patches/series
>
> [snip]
>
> fine
>
> only in patch2:
> unchanged:
>
> I would remove the two lines above; I don't know why they are here, but they seem not to be useful at all
>
> --- ettercap-0.7.3.orig/debian/patches/04_CVE-2014-9380-9381.patch
> +++ ettercap-0.7.3/debian/patches/04_CVE-2014-9380-9381.patch
>
> should be fine even if usually newly created files should be something like
> --- /dev/null
>
> +++ ettercap-0.7.3/debian/patches/04_CVE-2014-9380-9381.patch
>
> [snip]
>
> +Subject: Twelve vulnerabilities exist on ettercap-ng which
>
>
> I would say "two" here, because the other vulnerabilities are not available here
>
>
>
>
> the other looks good to me :)
>
> cheers,
>
> G.
>
> (sorry for top posting)
>
> On Thursday, 25 December 2014 11:26, Nguyen Cong <cong.nguyenthe@toshiba-tsdv.com> wrote:
> Hello Gianfranco Costamagna and Raphael Hertzog,
>
> Many thanks for your comments, especially Raphael :).
>> I propose something like this instead.
>> (note the patch might not apply at all, I manually changed it)
> Yes. Sorry for my mistake, I changed it. Please tell me if
> I have to set the name in the changelog to you, Gianfranco Costamagna.
>
> I have rebuilt it with care, but I am not sure it's good enough
> since I had trouble with DEP3. I ended up with the upstream patch style.
>> --- ettercap-0.7.3/debian/patches/series
>> +++ ettercap-0.7.3/debian/patches/series
>> @@ -3,0 +4 @@
>> +04_CVE-2014-9380-9381.patch
>> Why is there no context shown here?
>>
> And this one also. I don't really get it.
>
> Could you please review it and give me some comments?
>
> Many thanks and Merry Christmas :)
> Cong
>
> On 25/12/2014 16:34, Gianfranco Costamagna wrote:
>> Hi *,
>>
>> nope, you seem to be modifying other patches rather than only what is strictly necessary to fix this bug.
>>
>> Moreover, the patch is lacking a CVE description (actually the patch is fixing two CVEs, and the
>> description mentions only one)
>>
>> (there is also no need to mention me, I'm not the author of the patch, nor of the debdiff :) )
>>
>> also the patch "subject" might not really be needed, I leave Raphael to review the rest :)
>>
>>
>> I propose something like this instead.
>> (note the patch might not apply at all, I manually changed it)
>>
>> diff -u ettercap-0.7.3/debian/changelog ettercap-0.7.3/debian/changelog
>> --- ettercap-0.7.3/debian/changelog
>> +++ ettercap-0.7.3/debian/changelog
>> @@ -1,3 +1,16 @@
>> +ettercap (1:0.7.3-2.1+squeeze2) squeeze-lts; urgency=medium
>> +
>> +  * Non-maintainer upload.
>> +   * Patch a bunch of security vulnerabilities (closes: #773416)
>> +     - CVE-2014-9380 (Buffer over-read)
>> +     - CVE-2014-9381 (Signedness error)
>> +     See:
>> +    https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
>> +     Patches taken from upstream
>> +     - 6b196e011fa456499ed4650a360961a2f1323818 pull/608
>> +     - 31b937298c8067e6b0c3217c95edceb983dfc4a2 pull/609
>> +     Thanks to Nick Sampanis <n.sampanis@obrela.com> who is responsible for
>> +     both finding and repairing these issues.
>> +
>> + -- Nguyen Cong <cong.nguyenthe@toshiba-tsdv.com>  Tue, 23 Dec 2014 09:44:32 +0700
>> +
>> ettercap (1:0.7.3-2.1+squeeze1) stable; urgency=high
>>
>> * Quilt patch for CVE-2013-0722, a stack-based buffer overflow when
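
Review bot: The hunk header "@@ -1,3 +1,16 @@" does not match the body: the hunk has 16 added lines plus 3 context lines, so the new-side count should be 19 ("@@ -1,3 +1,19 @@"). Regenerate the debdiff from the built source packages instead of editing it by hand, so the counts are right and the hunk applies. The second bullet ("   * Patch a bunch of security vulnerabilities") is also indented three spaces where "  * Non-maintainer upload." uses two, and the URL line is indented differently from the "See:" line above it; align them with the existing changelog style.
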
>> diff -u ettercap-0.7.3/debian/patches/series ettercap-0.7.3/debian/patches/series
>> --- ettercap-0.7.3/debian/patches/series
>> +++ ettercap-0.7.3/debian/patches/series
>> @@ -3,0 +4 @@
>> +04_CVE-2014-9380-9381.patch
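
Review bot: No context lines accompany the addition under "@@ -3,0 +4 @@", so the new series entry is positioned purely by line number and nothing verifies that the three existing entries are the ones expected. Regenerate the diff with normal unified context so the preceding lines of debian/patches/series appear in the hunk and a mismatch in the target file is detected at apply time.
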
>> --- ettercap-0.7.3.orig/debian/patches/04_CVE-2014-9380-9381.patch
>> +++ ettercap-0.7.3/debian/patches/04_CVE-2014-9380-9381.patch
>> @@ -0,0 +1,35 @@
>> +From: Nick Sampanis <n.sampanis@obrela.com>
>> +Subject: Re: Bug#773416: fixed in ettercap 1:0.8.1-3
>> +Date: Mon, 22 Dec 2014 10:22:56 +0000 (UTC)
>> +
>> +The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 8.1
>> +allows remote attackers to cause a denial of service (out-of-bounds
>> +read) via a packet containing only a CVS_LOGIN signature.
>> +
>> +Integer signedness error in the dissector_cvs function in
>> +dissectors/ec_cvs.c in Ettercap 8.1 allows remote attackers to cause
>> +a denial of service (crash) via a crafted password, which triggers
>> +a large memory allocation.
>> +See Debian Bug #773416#20
>> +
>> +--- a/src/dissectors/ec_cvs.c
>> ++++ b/src/dissectors/ec_cvs.c
>> +@@ -70,7 +70,7 @@ FUNC_DECODER(dissector_cvs)
>> + {
>> +    DECLARE_DISP_PTR_END(ptr, end);
>> +    char tmp[MAX_ASCII_ADDR_LEN];
>> +-   char *p;
>> ++   u_char *p;
>> +    size_t i;
>> +
>> +    /* don't complain about unused var */
>> +@@ -92,6 +92,8 @@ FUNC_DECODER(dissector_cvs)
>> +
>> +    /* move over the cvsroot path */
>> +    ptr += strlen(CVS_LOGIN) + 1;
>> ++    if (ptr >= end)
>> ++        return NULL;
>> +
>> +    /* go until \n */
>> +    while(*ptr != '\n' && ptr != end) ptr++;
>>
>>
>> cheers,
>>
>> and Merry XMas,
>>
>> Gianfranco
>>
>>

-- 
=====================================================================
Nguyen The Cong (Mr)
Software Engineer
Toshiba Software Development (Vietnam) Co.,Ltd
519 Kim Ma street, Ba Dinh District, Hanoi, Vietnam
tel:    +84-4-2220 8801 (Ext. 208)
e-mail: cong.nguyenthe@toshiba-tsdv.com
=====================================================================

Note: This e-mail message may contain personal information or confidential information. If you are not the addressee of this message, please delete this message and kindly notify the sender as soon as possible - do not copy, use, or disclose this message.

