
[SRM] pure-ftpd upload for CVE-2011-1575



Hi,
fix for CVE-2011-1575 in stable. There are some config.log leftovers
from the build system in the debdiff; dunno where they come from.
The security fix has been isolated from the 1.0.30 release.

Cheers,
        Moritz
diff -u pure-ftpd-1.0.28/debian/changelog pure-ftpd-1.0.28/debian/changelog
--- pure-ftpd-1.0.28/debian/changelog
+++ pure-ftpd-1.0.28/debian/changelog
@@ -1,3 +1,10 @@
+pure-ftpd (1.0.28-3+squeeze1) stable; urgency=low
+
+  * Non-maintainer upload by the Security Team
+  * Fix CVE-2011-1575
+
+ -- Moritz Muehlenhoff <jmm@debian.org>  Sat, 24 Dec 2011 16:07:45 +0000
+
 pure-ftpd (1.0.28-3) unstable; urgency=medium
 
   * Fix "fails to authenticate, errors in configuration file (SQL)": add
only in patch2:
unchanged:
--- pure-ftpd-1.0.28.orig/config.log
+++ pure-ftpd-1.0.28/config.log
@@ -0,0 +1,236 @@
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by pure-ftpd configure 1.0.28, which was
+generated by GNU Autoconf 2.65.  Invocation command line was
+
+  $ ./configure --prefix=/usr --mandir=${prefix}/share/man --sysconfdir=/etc/pure-ftpd CFLAGS=-DMAX_USER_LENGTH=128U --with-everything --with-largefile --with-pam --with-privsep --with-tls --with-rfc2640
+
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = pisco
+uname -m = x86_64
+uname -r = 3.1.0-1-amd64
+uname -s = Linux
+uname -v = #1 SMP Sun Dec 11 20:36:41 UTC 2011
+
+/usr/bin/uname -p = unknown
+/bin/uname -X     = unknown
+
+/bin/arch              = unknown
+/usr/bin/arch -k       = unknown
+/usr/convex/getsysinfo = unknown
+/usr/bin/hostinfo      = unknown
+/bin/machine           = unknown
+/usr/bin/oslevel       = unknown
+/bin/universe          = unknown
+
+PATH: /usr/local/bin
+PATH: /usr/bin
+PATH: /bin
+PATH: /usr/local/games
+PATH: /usr/games
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+configure:2622: checking for a BSD-compatible install
+configure:2690: result: /usr/bin/install -c
+configure:2701: checking whether build environment is sane
+configure:2751: result: yes
+configure:2892: checking for a thread-safe mkdir -p
+configure:2931: result: /bin/mkdir -p
+configure:2944: checking for gawk
+configure:2974: result: no
+configure:2944: checking for mawk
+configure:2960: found /usr/bin/mawk
+configure:2971: result: mawk
+configure:2982: checking whether make sets $(MAKE)
+configure:3004: result: yes
+configure:3135: checking for ranlib
+configure:3151: found /usr/bin/ranlib
+configure:3162: result: ranlib
+configure:3232: checking for gcc
+configure:3248: found /usr/bin/gcc
+configure:3259: result: gcc
+configure:3488: checking for C compiler version
+configure:3497: gcc --version >&5
+gcc-4.4.real (Debian 4.4.5-8) 4.4.5
+Copyright (C) 2010 Free Software Foundation, Inc.
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+configure:3508: $? = 0
+configure:3497: gcc -v >&5
+Using built-in specs.
+Target: x86_64-linux-gnu
+Configured with: ../src/configure -v --with-pkgversion='Debian 4.4.5-8' --with-bugurl=file:///usr/share/doc/gcc-4.4/README.Bugs --enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-4.4 --enable-shared --enable-multiarch --enable-linker-build-id --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --with-gxx-include-dir=/usr/include/c++/4.4 --libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --with-arch-32=i586 --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
+Thread model: posix
+gcc version 4.4.5 (Debian 4.4.5-8) 
+configure:3508: $? = 0
+configure:3497: gcc -V >&5
+gcc-4.4.real: '-V' option must have argument
+configure:3508: $? = 1
+configure:3497: gcc -qversion >&5
+gcc-4.4.real: unrecognized option '-qversion'
+gcc-4.4.real: no input files
+configure:3508: $? = 1
+configure:3528: checking whether the C compiler works
+configure:3550: gcc -DMAX_USER_LENGTH=128U   conftest.c  >&5
+
+## ---------------- ##
+## Cache variables. ##
+## ---------------- ##
+
+ac_cv_env_CC_set=
+ac_cv_env_CC_value=
+ac_cv_env_CFLAGS_set=set
+ac_cv_env_CFLAGS_value=-DMAX_USER_LENGTH=128U
+ac_cv_env_CPPFLAGS_set=set
+ac_cv_env_CPPFLAGS_value=
+ac_cv_env_CPP_set=
+ac_cv_env_CPP_value=
+ac_cv_env_LDFLAGS_set=set
+ac_cv_env_LDFLAGS_value=
+ac_cv_env_LIBS_set=
+ac_cv_env_LIBS_value=
+ac_cv_env_PERL_set=
+ac_cv_env_PERL_value=
+ac_cv_env_PYTHON_set=
+ac_cv_env_PYTHON_value=
+ac_cv_env_build_alias_set=
+ac_cv_env_build_alias_value=
+ac_cv_env_host_alias_set=
+ac_cv_env_host_alias_value=
+ac_cv_env_target_alias_set=
+ac_cv_env_target_alias_value=
+ac_cv_path_install='/usr/bin/install -c'
+ac_cv_path_mkdir=/bin/mkdir
+ac_cv_prog_AWK=mawk
+ac_cv_prog_ac_ct_CC=gcc
+ac_cv_prog_ac_ct_RANLIB=ranlib
+ac_cv_prog_make_make_set=yes
+
+## ----------------- ##
+## Output variables. ##
+## ----------------- ##
+
+ACLOCAL='${SHELL} /home/jmm/pure/pure-ftpd-1.0.28/missing --run aclocal-1.11'
+ALLOCA=''
+AMDEPBACKSLASH=''
+AMDEP_FALSE=''
+AMDEP_TRUE=''
+AMTAR='${SHELL} /home/jmm/pure/pure-ftpd-1.0.28/missing --run tar'
+AUTOCONF='${SHELL} /home/jmm/pure/pure-ftpd-1.0.28/missing --run autoconf'
+AUTOHEADER='${SHELL} /home/jmm/pure/pure-ftpd-1.0.28/missing --run autoheader'
+AUTOMAKE='${SHELL} /home/jmm/pure/pure-ftpd-1.0.28/missing --run automake-1.11'
+AWK='mawk'
+BONJOUR_LDADD=''
+CC='gcc'
+CCDEPMODE=''
+CFLAGS='-DMAX_USER_LENGTH=128U'
+CONFDIR=''
+CPP=''
+CPPFLAGS=''
+CYGPATH_W='echo'
+DEFS=''
+DEPDIR=''
+ECHO_C=''
+ECHO_N='-n'
+ECHO_T=''
+EGREP=''
+EXEEXT=''
+GETLOADAVG_LIBS=''
+GREP=''
+INSTALL_DATA='${INSTALL} -m 644'
+INSTALL_PROGRAM='${INSTALL}'
+INSTALL_SCRIPT='${INSTALL}'
+INSTALL_STRIP_PROGRAM='$(install_sh) -c -s'
+ISODATE='2011-12-24'
+KMEM_GROUP=''
+LDAP_SSL_LIBS=''
+LDFLAGS=''
+LIBOBJS=''
+LIBS=''
+LOCALSTATEDIR=''
+LTLIBOBJS=''
+MAKEINFO='${SHELL} /home/jmm/pure/pure-ftpd-1.0.28/missing --run makeinfo'
+MKDIR_P='/bin/mkdir -p'
+NEED_SETGID=''
+OBJEXT=''
+PACKAGE='pure-ftpd'
+PACKAGE_BUGREPORT='bugs at pureftpd dot org'
+PACKAGE_NAME='pure-ftpd'
+PACKAGE_STRING='pure-ftpd 1.0.28'
+PACKAGE_TARNAME='pure-ftpd'
+PACKAGE_URL=''
+PACKAGE_VERSION='1.0.28'
+PATH_SEPARATOR=':'
+PERL=''
+POW_LIB=''
+PYTHON=''
+RANLIB='ranlib'
+SET_MAKE=''
+SHELL='/bin/bash'
+STRIP=''
+VERSION='1.0.28'
+ac_ct_CC='gcc'
+am__EXEEXT_FALSE=''
+am__EXEEXT_TRUE=''
+am__fastdepCC_FALSE=''
+am__fastdepCC_TRUE=''
+am__include=''
+am__isrc=''
+am__leading_dot='.'
+am__quote=''
+am__tar='${AMTAR} chof - "$$tardir"'
+am__untar='${AMTAR} xf -'
+bindir='${exec_prefix}/bin'
+build_alias=''
+certfile=''
+datadir='${datarootdir}'
+datarootdir='${prefix}/share'
+docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
+dvidir='${docdir}'
+exec_prefix='NONE'
+host_alias=''
+htmldir='${docdir}'
+includedir='${prefix}/include'
+infodir='${datarootdir}/info'
+install_sh='${SHELL} /home/jmm/pure/pure-ftpd-1.0.28/install-sh'
+libdir='${exec_prefix}/lib'
+libexecdir='${exec_prefix}/libexec'
+localedir='${datarootdir}/locale'
+localstatedir='${prefix}/var'
+mandir='${prefix}/share/man'
+mkdir_p='/bin/mkdir -p'
+oldincludedir='/usr/include'
+pdfdir='${docdir}'
+prefix='/usr'
+program_transform_name='s,x,x,'
+psdir='${docdir}'
+sbindir='${exec_prefix}/sbin'
+sharedstatedir='${prefix}/com'
+sysconfdir='/etc/pure-ftpd'
+target_alias=''
+
+## ----------- ##
+## confdefs.h. ##
+## ----------- ##
+
+/* confdefs.h */
+#define PACKAGE_NAME "pure-ftpd"
+#define PACKAGE_TARNAME "pure-ftpd"
+#define PACKAGE_VERSION "1.0.28"
+#define PACKAGE_STRING "pure-ftpd 1.0.28"
+#define PACKAGE_BUGREPORT "bugs at pureftpd dot org"
+#define PACKAGE_URL ""
+#define PACKAGE "pure-ftpd"
+#define VERSION "1.0.28"
+
+configure: caught signal 2
+configure: exit 1
only in patch2:
unchanged:
--- pure-ftpd-1.0.28.orig/src/ftp_parser.c
+++ pure-ftpd-1.0.28/src/ftp_parser.c
@@ -57,14 +57,20 @@
  * -Frank.
  */
 
+static size_t scanned;
+static size_t readnbd;
+
+static void flush_cmd(void)
+{
+    scanned = readnbd = (size_t) 0U;
+}
+
 int sfgets(void)
 {
     struct pollfd pfd;
     int pollret;
     ssize_t readnb;
     signed char seen_r = 0;
-    static size_t scanned;
-    static size_t readnbd;
     
     if (scanned > (size_t) 0U) {       /* support pipelining */
         readnbd -= scanned;        
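Review bot: flush_cmd() and the two counters it resets are now file-scope, but nothing at the definition says why the parser would ever throw input away, so the security invariant is recorded only in the changelog. A comment above flush_cmd() would protect it from being removed or bypassed later, e.g. `/* Discard input already buffered from the cleartext channel; must run before the TLS handshake so commands pipelined after AUTH TLS are never executed as if they arrived over TLS (CVE-2011-1575). */`. A short comment on `scanned` and `readnbd` would also help, since they are no longer private to sfgets(). sfgets() continues past the end of this hunk, so how the counters are used further down is not visible here.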
@@ -362,6 +368,7 @@
             addreply_noformat(234, "AUTH TLS OK.");
             doreply();
             if (tls_cnx == NULL) {
+                flush_cmd();
                 (void) tls_init_new_session();
             }
             goto wayout;
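Review bot: The flush_cmd() call added before tls_init_new_session() drops leftover cleartext input silently, so an attempted injection leaves no trace for operators. Going by the pipelining branch in sfgets(), `readnbd > scanned` at this point presumably means bytes followed the AUTH TLS line in the same read. Logging a warning in that case, before the reset, would give detection a signal, along the lines of `if (readnbd > scanned) { /* log: cleartext input after AUTH TLS discarded */ }`. The flush is also skipped when `tls_cnx` is already set, which looks intentional but deserves a one-line comment saying so. The enclosing function starts and ends outside this hunk.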
