Bug#699228: pu: package snack/2.2.10-dfsg1-9+squeeze1
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: pu
Hi!
I'd like to upload snack/2.2.10-dfsg1-9+squeeze1 which fixes CVE-2012-6303 to
stable. The original bug is
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695614
It was fixed in unstable and testing via NMU. This proposed upload includes
the same patch (attached).
-- System Information:
Debian Release: 7.0
APT prefers testing
APT policy: (500, 'testing'), (100, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.5-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Index: debian/patches/CVE-2012-6303.patch
===================================================================
--- debian/patches/CVE-2012-6303.patch (revision 0)
+++ debian/patches/CVE-2012-6303.patch (revision 0)
@@ -0,0 +1,18 @@
+--- snack-2.2.10-dfsg1/generic/jkSoundFile.c 2005-12-14 12:29:38.000000000 +0100
++++ snack-2.2.10-dfsg1+karcher/generic/jkSoundFile.c 2013-01-02 00:29:56.836287036 +0100
+@@ -1796,7 +1796,14 @@
+ GetHeaderBytes(Sound *s, Tcl_Interp *interp, Tcl_Channel ch, char *buf,
+ int len)
+ {
+- int rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead);
++ int rlen;
++
++ if (len > max(CHANNEL_HEADER_BUFFER, HEADBUF)){
++ Tcl_AppendResult(interp, "Excessive header size", NULL);
++ return TCL_ERROR;
++ }
++
++ rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead);
+
+ if (rlen < len - s->firstNRead){
+ Tcl_AppendResult(interp, "Failed reading header bytes", NULL);
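Review bot: the new bound in GetHeaderBytes compares len against max(CHANNEL_HEADER_BUFFER, HEADBUF), i.e. the larger of the two header buffer sizes, so when the caller passes the smaller of the two buffers a len between the two sizes still passes the check and the subsequent Tcl_Read into &buf[s->firstNRead] can still write past that buffer's end. A tighter fix would bound len against the size of the buffer actually passed (for example by adding a buffer-size parameter, or by using the smaller constant if both callers can live with it). Note also that the hunk relies on a max macro being visible in jkSoundFile.c, and that the check runs only after firstNRead bytes have already been placed in buf, so the comparison should be on the total header length, as it is here, rather than on the remaining len - s->firstNRead.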
Index: debian/patches/series
===================================================================
--- debian/patches/series (revision 979)
+++ debian/patches/series (working copy)
@@ -1,2 +1,3 @@
alsa.patch
glibc2.10.patch
+CVE-2012-6303.patch
Index: debian/changelog
===================================================================
--- debian/changelog (revision 979)
+++ debian/changelog (working copy)
@@ -1,3 +1,9 @@
+snack (2.2.10-dfsg1-9+squeeze1) stable; urgency=low
+
+ * Included patch by Michael Karcher to fix CVE-2012-6303.
+
+ -- Sergei Golovan <sgolovan@debian.org> Thu, 29 Oct 2009 21:58:50 +0300
+
snack (2.2.10-dfsg1-9) unstable; urgency=low
* Added patch which makes snack build with glibc 2.10 (closes: #548641).
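Review bot: the timestamp on the new changelog entry, "Thu, 29 Oct 2009 21:58:50 +0300", predates both CVE-2012-6303 and the 2013-01-02 date in the patch header, so it looks copied from the previous entry rather than regenerated; please refresh it (dch -r) before upload so the stable changelog dates stay monotonic. It would also help the release team to reference the original report in the entry, e.g. "* Included patch by Michael Karcher to fix CVE-2012-6303 (closes: #695614).", matching the bug cited in the request.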