On Sun, Oct 19, 2008 at 04:14:56PM +1100, Anibal Monsalve Salazar wrote:
>Please consider preapproving nfs-utils/1:1.1.2-6lenny1 to fix
>CVE-2008-4552.
>
>http://bugs.debian.org/502680
>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552
>https://bugzilla.redhat.com/show_bug.cgi?id=458676
>
>Changes:
> nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high
> .
> * Fix CVE-2008-4552
> nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the
> host_ctl function with the wrong order of arguments, which causes TCP
> Wrappers to ignore netgroups and allows remote attackers to bypass
> intended access restrictions.
> Closes: #502680
The change is very minimal.
interdiff -zp1 nfs-utils_1.1.2-6.diff.gz nfs-utils_1.1.2-6lenny1.diff.gz
diff -u nfs-utils-1.1.2/debian/changelog nfs-utils-1.1.2/debian/changelog
--- nfs-utils-1.1.2/debian/changelog
+++ nfs-utils-1.1.2/debian/changelog
@@ -1,3 +1,14 @@
+nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high
+
+ * Fix CVE-2008-4552
+ nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the
+ host_ctl function with the wrong order of arguments, which causes TCP
+ Wrappers to ignore netgroups and allows remote attackers to bypass
+ intended access restrictions.
+ Closes: #502680
+
+ -- Anibal Monsalve Salazar <anibal@debian.org> Sun, 19 Oct 2008 13:37:33 +1100
+
nfs-utils (1:1.1.2-6) unstable; urgency=high
* Load nfsd.ko before starting idmapd, to hopefully fix NFSv4 export issues.
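Review bot: The new changelog entry names the function as host_ctl, but the calls changed in support/misc/tcpwrapper.c are to hosts_ctl; the entry should use the name as it appears in the code so the description can be matched against the source. The same spelling is repeated in the header of 08-CVE-2008-4552.patch.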
diff -u nfs-utils-1.1.2/debian/patches/series nfs-utils-1.1.2/debian/patches/series
--- nfs-utils-1.1.2/debian/patches/series
+++ nfs-utils-1.1.2/debian/patches/series
@@ -7,0 +8 @@
+08-CVE-2008-4552.patch
only in patch2:
unchanged:
--- nfs-utils-1.1.2.orig/debian/patches/08-CVE-2008-4552.patch
+++ nfs-utils-1.1.2/debian/patches/08-CVE-2008-4552.patch
@@ -0,0 +1,26 @@
+ http://bugs.debian.org/502680
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552
+ https://bugzilla.redhat.com/show_bug.cgi?id=458676
+
+ nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the
+ host_ctl function with the wrong order of arguments, which causes TCP
+ Wrappers to ignore netgroups and allows remote attackers to bypass
+ intended access restrictions.
+
+--- nfs-utils-1.1.2/support/misc/tcpwrapper.c 2008-03-15 02:46:29.000000000 +1100
++++ nfs-utils-1.1.2/support/misc/tcpwrapper.c 2008-10-19 13:58:12.000000000 +1100
+@@ -125,12 +125,12 @@ struct sockaddr_in *addr;
+ return 0;
+
+ /* Check the official name first. */
+- if (hosts_ctl(daemon, "", hp->h_name, ""))
++ if (hosts_ctl(daemon, hp->h_name, "", ""))
+ return 1;
+
+ /* Check aliases. */
+ for (sp = hp->h_aliases; *sp ; sp++) {
+- if (hosts_ctl(daemon, "", *sp, ""))
++ if (hosts_ctl(daemon, *sp, "", ""))
+ return 1;
+ }
+
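Review bot: The header of 08-CVE-2008-4552.patch gives the affected version as "nfs-utils 1.0.9", while the changelog entry for the same fix says "nfs-utils 1.1.2"; the two descriptions should agree, or the header should say that it quotes the CVE text unchanged. The header also lists only the three bug URLs and names no author or upstream origin for the tcpwrapper.c change, which would help when the patch is later compared against 1.1.3.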
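The argument-order bug described in the changelog, as an added example that is not code from nfs-utils or libwrap: a small model of why a netgroup rule stops matching when the host name is passed in the address slot. `model_hosts_ctl` is a hypothetical stand-in for `hosts_ctl`, and the rule `mountd: @blocked`, the netgroup and the host names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed netgroup "@blocked"; stands in for an innetgr() lookup. */
static const char *blocked_members[] = { "blocked.example.org", NULL };

static int in_blocked_netgroup(const char *host)
{
    for (const char **m = blocked_members; *m != NULL; m++)
        if (strcmp(*m, host) == 0)
            return 1;
    return 0;
}

/*
 * Hypothetical model of hosts_ctl(daemon, client_name, client_addr,
 * client_user), not libwrap itself. It evaluates one constructed
 * hosts.deny rule, "mountd: @blocked", and allows everything else.
 * A netgroup pattern is compared with the client host name only.
 * Returns 1 when access is granted, 0 when it is denied.
 */
static int model_hosts_ctl(const char *daemon, const char *client_name,
                           const char *client_addr, const char *client_user)
{
    (void)client_addr; (void)client_user;   /* unused by a netgroup rule */
    if (strcmp(daemon, "mountd") == 0 && in_blocked_netgroup(client_name))
        return 0;
    return 1;
}

/* Argument order before the patch: the name sits in the address slot. */
int check_before_fix(const char *daemon, const char *h_name)
{
    return model_hosts_ctl(daemon, "", h_name, "");
}

/* Argument order after the patch: the name is passed as client_name. */
int check_after_fix(const char *daemon, const char *h_name)
{
    return model_hosts_ctl(daemon, h_name, "", "");
}

int main(void)
{
    const char *h = "blocked.example.org";
    printf("before fix: %d\n", check_before_fix("mountd", h));
    printf("after fix:  %d\n", check_after_fix("mountd", h));
    return 0;
}
```

With the pre-patch order the netgroup lookup sees an empty client name, so the deny rule never fires and the model grants access to a host the rule was written to refuse.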