On Sun, Oct 19, 2008 at 04:14:56PM +1100, Anibal Monsalve Salazar wrote: >Please consider preapproving nfs-utils/1:1.1.2-6lenny1 to fix >CVE-2008-4552. > >http://bugs.debian.org/502680 >http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552 >https://bugzilla.redhat.com/show_bug.cgi?id=458676 > >Changes: > nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high > . > * Fix CVE-2008-4552 > nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the > host_ctl function with the wrong order of arguments, which causes TCP > Wrappers to ignore netgroups and allows remote attackers to bypass > intended access restrictions. > Closes: #502680 The change is very minimal. interdiff -zp1 nfs-utils_1.1.2-6.diff.gz nfs-utils_1.1.2-6lenny1.diff.gz diff -u nfs-utils-1.1.2/debian/changelog nfs-utils-1.1.2/debian/changelog --- nfs-utils-1.1.2/debian/changelog +++ nfs-utils-1.1.2/debian/changelog @@ -1,3 +1,14 @@ +nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high + + * Fix CVE-2008-4552 + nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the + host_ctl function with the wrong order of arguments, which causes TCP + Wrappers to ignore netgroups and allows remote attackers to bypass + intended access restrictions. + Closes: #502680 + + -- Anibal Monsalve Salazar <anibal@debian.org> Sun, 19 Oct 2008 13:37:33 +1100 + nfs-utils (1:1.1.2-6) unstable; urgency=high * Load nfsd.ko before starting idmapd, to hopefully fix NFSv4 export issues. diff -u nfs-utils-1.1.2/debian/patches/series nfs-utils-1.1.2/debian/patches/series --- nfs-utils-1.1.2/debian/patches/series +++ nfs-utils-1.1.2/debian/patches/series @@ -7,0 +8 @@ +08-CVE-2008-4552.patch only in patch2: unchanged: --- nfs-utils-1.1.2.orig/debian/patches/08-CVE-2008-4552.patch +++ nfs-utils-1.1.2/debian/patches/08-CVE-2008-4552.patch 
@@ -0,0 +1,26 @@ + http://bugs.debian.org/502680 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552 + https://bugzilla.redhat.com/show_bug.cgi?id=458676 + + nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the + host_ctl function with the wrong order of arguments, which causes TCP + Wrappers to ignore netgroups and allows remote attackers to bypass + intended access restrictions. + +--- nfs-utils-1.1.2/support/misc/tcpwrapper.c 2008-03-15 02:46:29.000000000 +1100 ++++ nfs-utils-1.1.2/support/misc/tcpwrapper.c 2008-10-19 13:58:12.000000000 +1100 +@@ -125,12 +125,12 @@ struct sockaddr_in *addr; + return 0; + + /* Check the official name first. */ +- if (hosts_ctl(daemon, "", hp->h_name, "")) ++ if (hosts_ctl(daemon, hp->h_name, "", "")) + return 1; + + /* Check aliases. */ + for (sp = hp->h_aliases; *sp ; sp++) { +- if (hosts_ctl(daemon, "", *sp, "")) ++ if (hosts_ctl(daemon, *sp, "", "")) + return 1; + } +
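Review bot: the description at the top of 08-CVE-2008-4552.patch says "nfs-utils 1.0.9, and possibly other versions before 1.1.3", while the debian/changelog entry in the same upload says "nfs-utils 1.1.2, and possibly other versions before 1.1.3". Use one wording in both places so the two records of the fix agree. Both texts also name the function "host_ctl", whereas the code being patched calls hosts_ctl; using the real name makes the entry searchable against tcpwrapper.c.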
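Review bot: in the support/misc/tcpwrapper.c hunk, nothing at the two corrected call sites documents which argument position is which, and that is how the host name ended up in the address slot before this fix. Add a one-line comment above the "Check the official name first." call stating the order hosts_ctl(daemon, client_name, client_addr, client_user), so the alias loop below it is covered too. Both calls also still pass "" for the address and user; hosts_access(3) asks for valid data or STRING_UNKNOWN in those fields, which is worth checking as a follow-up outside this minimal change. The hunk does not show whether the client address from the addr parameter is checked elsewhere in the function; if it is not, address-based rules cannot match through these calls.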