Team,
I have prepared a fixed package ready for s-p-u that fixes this problem.
Changes to the package are:
--- iscsitarget-0.4.16+svn162.orig/debian/changelog
+++ iscsitarget-0.4.16+svn162/debian/changelog
@@ -0,0 +1,143 @@
+iscsitarget (0.4.16+svn162-3.1) stable; urgency=low
+
+ * Fix CVE-2010-0743 (Closes: #574935)
+
+ -- Ritesh Raj Sarraf <rrs@researchut.com> Sun, 25 Apr 2010 11:51:35 +0530
+
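Review bot: the entry "* Fix CVE-2010-0743 (Closes: #574935)" does not say what was changed or in which file. Suggest naming the file and the nature of the fix, for example that usr/isns.c now passes name to snprintf() as a "%s" argument instead of as the format string, so a reader of the changelog can match the entry to the diff. The hunk header declares 143 added lines (@@ -0,0 +1,143 @@) while only this entry is shown, so the rest of the generated changelog should be checked alongside it.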
--- iscsitarget-0.4.16+svn162.orig/usr/isns.c
+++ iscsitarget-0.4.16+svn162/usr/isns.c
@@ -299,7 +299,7 @@
tlv = (struct isns_tlv *) hdr->pdu;
if (name)
- snprintf(mgmt->name, sizeof(mgmt->name), name);
+ snprintf(mgmt->name, sizeof(mgmt->name), "%s", name);
else {
mgmt->name[0] = '\0';
target = list_entry(targets_list.q_forw, struct target,
tlist);
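Review bot: the return value of the new snprintf(mgmt->name, sizeof(mgmt->name), "%s", name) call is still ignored, so a name longer than mgmt->name is silently truncated. The "%s" change itself is the right fix for using name as the format string. If a truncated name can later be compared or sent as if it were the full name, consider checking the result against sizeof(mgmt->name) and rejecting or logging the oversized name rather than continuing with a shortened one.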
@@ -687,7 +687,7 @@
ini = malloc(sizeof(*ini));
if (!ini)
goto free_qry_mgmt;
- snprintf(ini->name, sizeof(ini->name), name);
+ snprintf(ini->name, sizeof(ini->name), "%s",
name);
insque(&ini->ilist, &target->isns_head);
} else
name = NULL;
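Review bot: the snprintf into ini->name is the second call in usr/isns.c that passed name as the format string, so the update should state how the remaining call sites were checked. Building with -Wformat -Wformat-security would flag any other printf-style call that takes a non-literal format with no arguments. As a style point, the added call wraps "name);" onto its own line, while the identical fix in the hunk at line 299 stays on one line. Keeping both in the same form makes the two changes easier to compare.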
The package in lenny does not use a patch system. To keep the changes for
s-p-u, I went ahead and directly patched the source code. The patch gets added
to the diff.gz.
Unfortunately, the version in Lenny is not in good shape. There are many
packaging errors in it.
rrs@champaran:/tmp/DebSources/iscsitarget-0.4.16+svn162 $ lintian
/var/tmp/Debian/Result/iscsitarget_0.4.16+svn162-3.1_amd64.changes
I: iscsitarget source: missing-debian-source-format
W: iscsitarget source: changelog-should-mention-nmu
P: iscsitarget source: direct-changes-in-diff-but-no-patch-system usr/isns.c
I: iscsitarget source: debian-watch-file-is-missing
W: iscsitarget source: debhelper-but-no-misc-depends iscsitarget-source
W: iscsitarget source: debhelper-but-no-misc-depends iscsitarget
W: iscsitarget source: out-of-date-standards-version 3.8.0 (current is 3.8.4)
P: iscsitarget source: source-contains-prebuilt-binary usr/session.o
P: iscsitarget source: source-contains-prebuilt-binary usr/event.o
P: iscsitarget source: source-contains-prebuilt-binary usr/ietadm.o
P: iscsitarget source: source-contains-prebuilt-binary usr/isns.o
P: iscsitarget source: source-contains-prebuilt-binary usr/log.o
P: iscsitarget source: source-contains-prebuilt-binary usr/param.o
P: iscsitarget source: source-contains-prebuilt-binary usr/ietd.o
P: iscsitarget source: source-contains-prebuilt-binary usr/target.o
P: iscsitarget source: source-contains-prebuilt-binary usr/chap.o
P: iscsitarget source: source-contains-prebuilt-binary usr/ietd
P: iscsitarget source: source-contains-prebuilt-binary usr/iscsid.o
P: iscsitarget source: source-contains-prebuilt-binary usr/conn.o
P: iscsitarget source: source-contains-prebuilt-binary usr/ctldev.o
P: iscsitarget source: source-contains-prebuilt-binary usr/message.o
P: iscsitarget source: source-contains-prebuilt-binary usr/plain.o
P: iscsitarget source: source-contains-prebuilt-binary usr/ietadm
E: iscsitarget: possible-gpl-code-linked-with-openssl
W: iscsitarget: manpage-has-errors-from-man usr/share/man/man5/ietd.conf.5.gz
127: warning [p 2, 7.3i, div `an-div', 0.2i]: can't break line
I: iscsitarget: init.d-script-does-not-provide-itself /etc/init.d/iscsitarget
E: iscsitarget: init.d-script-missing-dependency-on-remote_fs
/etc/init.d/iscsitarget: required-start
E: iscsitarget: init.d-script-missing-dependency-on-remote_fs
/etc/init.d/iscsitarget: required-stop
N: 1 tag overridden (1 warning)
The one that I introduced is:
P: iscsitarget source: direct-changes-in-diff-but-no-patch-system usr/isns.c
Please let me know if it is okay in this state or if we also want to fix the
remaining bugs for this stable update.
This issue is fixed in squeeze/sid with a new upload (1.4.20-1).
Regards,
Ritesh
--
Ritesh Raj Sarraf
RESEARCHUT - http://www.researchut.com
"Necessity is the mother of invention."