Bug#700603: unblock: cfingerd/1.4.3-3.1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#700603: unblock: cfingerd/1.4.3-3.1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 15 Feb 2013 07:38:42 +0100
Message-id: <20130215063842.11371.65020.reportbug@elende.valinor.li>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 700603@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi Release Team!

cfingerd in unstable addresses CVE-2013-1049 to fix a buffer overflow
in rfc1413 (ident) client. See #700098.

Would it be possible to have cfingerd unblocked for wheezy? Debdiff
against the version in Wheezy ist attached.

unblock cfingerd/1.4.3-3.1

Thank you for your work, and regards,
Salvatore

Base version: cfingerd_1.4.3-3 from testing
Target version: cfingerd_1.4.3-3.1 from unstable

No hints in place.

Excuses:



 debian/changelog |    9 +++++++++
 src/rfc1413.c    |    6 ++++--
 2 files changed, 13 insertions(+), 2 deletions(-)

diff -u cfingerd-1.4.3/debian/changelog cfingerd-1.4.3/debian/changelog
--- cfingerd-1.4.3/debian/changelog
+++ cfingerd-1.4.3/debian/changelog
@@ -1,3 +1,12 @@
+cfingerd (1.4.3-3.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * [SECURITY] CVE-2013-1049: fix buffer overflow in rfc1413 (ident) client.
+    Thanks to Malcolm Scott <debianpkg@malc.org.uk> and Marc Deslauriers
+    <marc.deslauriers@ubuntu.com> (Closes: #700098) (LP: #1104425)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 09 Feb 2013 18:38:28 +0100
+
 cfingerd (1.4.3-3) unstable; urgency=low
 
   * Approve NMU
diff -u cfingerd-1.4.3/src/rfc1413.c cfingerd-1.4.3/src/rfc1413.c
--- cfingerd-1.4.3/src/rfc1413.c
+++ cfingerd-1.4.3/src/rfc1413.c
@@ -25,7 +25,9 @@
  * the implementation.  Completely rewritten by yours truly to be self-
  * contained in a single program.  Simple, easy to use.
  */
-#define BUFLEN	(2 * INET6_ADDRSTRLEN)
+#define UNAMELEN   64
+#define BUFLEN     UNAMELEN + INET6_ADDRSTRLEN + 2
+#define INPUTLEN   256
 char *get_rfc1413_data(struct sockaddr_storage * local_addr,
 			struct sockaddr_storage * peer_addr )
 {
@@ -34,7 +36,7 @@
     struct sockaddr_storage sin;
     struct sockaddr_in *sa4 = (struct sockaddr_in *) &sin;
     struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &sin;
-    char buffer[1024], buf[BUFLEN], uname[64], *bleah;
+    char buffer[1024], buf[INPUTLEN], uname[UNAMELEN], *bleah;
     char *cp, *xp;
     struct servent *serv;

Reply to:

Follow-Ups:
- Bug#700603: marked as done (unblock: cfingerd/1.4.3-3.1)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Re: 6.0.7 planning
Next by Date: Bug#700603: marked as done (unblock: cfingerd/1.4.3-3.1)
Previous by thread: Processed: Re: Bug#697751: pu: package gdm3/2.30.5-6squeeze5
Next by thread: Bug#700603: marked as done (unblock: cfingerd/1.4.3-3.1)
Index(es):
- Date
- Thread