
Bug#699228: pu: package snack/2.2.10-dfsg1-9+squeeze1



Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: pu

Hi!

I'd like to upload snack/2.2.10-dfsg1-9+squeeze1 which fixes CVE-2012-6303 to
stable. The original bug is
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695614
It was fixed in unstable and testing via NMU. This proposed upload includes
the same patch (attached).

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (100, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Index: debian/patches/CVE-2012-6303.patch
===================================================================
--- debian/patches/CVE-2012-6303.patch	(revision 0)
+++ debian/patches/CVE-2012-6303.patch	(revision 0)
@@ -0,0 +1,18 @@
+--- snack-2.2.10-dfsg1/generic/jkSoundFile.c	2005-12-14 12:29:38.000000000 +0100
++++ snack-2.2.10-dfsg1+karcher/generic/jkSoundFile.c	2013-01-02 00:29:56.836287036 +0100
+@@ -1796,7 +1796,14 @@
+ GetHeaderBytes(Sound *s, Tcl_Interp *interp, Tcl_Channel ch, char *buf, 
+ 	       int len)
+ {
+-  int rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead);
++  int rlen;
++
++  if (len > max(CHANNEL_HEADER_BUFFER, HEADBUF)){
++    Tcl_AppendResult(interp, "Excessive header size", NULL);
++    return TCL_ERROR;
++  }
++
++  rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead);
+ 
+   if (rlen < len - s->firstNRead){
+     Tcl_AppendResult(interp, "Failed reading header bytes", NULL);
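Review bot: the new bound on `len` is the larger of two buffer sizes, `max(CHANNEL_HEADER_BUFFER, HEADBUF)`, so when a caller hands in the smaller of the two buffers, a header length between the two sizes still passes the check and `Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead)` writes past the end of `buf`. Bounding against the size of the buffer actually passed (for example by adding a buffer-size parameter to `GetHeaderBytes` and rejecting `len > bufsize`) closes the gap for every caller instead of only the one with the largest buffer. Two smaller points: `max` is not standard C, so confirm it is defined before this use on every build, and the patch file carries no DEP-3 header (Description, Origin, Bug-Debian), which makes it harder to trace the fix later.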
Index: debian/patches/series
===================================================================
--- debian/patches/series	(revision 979)
+++ debian/patches/series	(working copy)
@@ -1,2 +1,3 @@
 alsa.patch
 glibc2.10.patch
+CVE-2012-6303.patch
Index: debian/changelog
===================================================================
--- debian/changelog	(revision 979)
+++ debian/changelog	(working copy)
@@ -1,3 +1,9 @@
+snack (2.2.10-dfsg1-9+squeeze1) stable; urgency=low
+
+  * Included patch by Michael Karcher to fix CVE-2012-6303.
+
+ -- Sergei Golovan <sgolovan@debian.org>  Thu, 29 Oct 2009 21:58:50 +0300
+
 snack (2.2.10-dfsg1-9) unstable; urgency=low
 
   * Added patch which makes snack build with glibc 2.10 (closes: #548641).
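Review bot: the date on the new changelog entry, `Thu, 29 Oct 2009 21:58:50 +0300`, predates the 2013-01-02 timestamp on the patch it ships and looks copied from an older entry; regenerate it (for example with `dch -r`) so the +squeeze1 entry is dated after the -9 entry below it, since tooling orders entries by date. The entry also does not reference the original report: add `(closes: #695614)` so the BTS marks the bug fixed in the stable version once the upload is accepted.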
