Bug#703338: unblock: firebird2.5/2.5.2~svn+54698.ds4-2
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package firebird2.5
The version in unstable fixes two security issues. One allows to overflow
server's stack before authentication, the other is more specific: it crashes
the server when preparing an empty SQL request while tracing of server activity
is enabled.
Both issues were already fixed for squeeze. There are no changes in the client
part (libfbclient2 is used by many other packages).
Source and binary debdiffs attached. The binary diff shows version changes in
package dependencies because all binary packages require the exact same version
of firebird2.5-common-doc which holds (a single copy of) the copyright file.
unblock firebird2.5/2.5.2~svn+54698.ds4-2
Thanks,
dam
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/changelog firebird2.5-2.5.2~svn+54698.ds4/debian/changelog
--- firebird2.5-2.5.2~svn+54698.ds4/debian/changelog 2012-06-30 15:26:39.000000000 +0300
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/changelog 2013-03-18 17:23:51.000000000 +0200
@@ -1,3 +1,14 @@
+firebird2.5 (2.5.2~svn+54698.ds4-2) unstable; urgency=high
+
+ * High urgency for upload fixing security issues
+
+ * fix server crash when preparing an empty SQL statement with tracing enabled
+ patch taken from upstream revision 54702. Closes: #693210 (CVE-2012-5529)
+ * fix remote pre-authentication stack overflow in firebird server
+ patch taken from upstream revision 57728. Closes: #702736 (CVE-2013-2429)
+
+ -- Damyan Ivanov <dmn@debian.org> Mon, 18 Mar 2013 17:23:50 +0200
+
firebird2.5 (2.5.2~svn+54698.ds4-1) unstable; urgency=low
* Snapshot from upstream's 2.5.2 tag, revision 54698. Still not the official
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series
--- firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series 2012-03-27 15:09:28.000000000 +0300
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series 2013-03-18 17:13:09.000000000 +0200
@@ -10,3 +10,5 @@
parallel-build.patch
versioned-log-filename.patch
link_atomic_ops.patch
+upstream/r54702-cve-2012-5529.patch
+upstream/r57728-cve-2013-2429.patch
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch
--- firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch 1970-01-01 02:00:00.000000000 +0200
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch 2013-03-18 17:12:38.000000000 +0200
@@ -0,0 +1,20 @@
+Description: fix crash when preparing empty SQL statement with tracing enabled
+ Stolen from revision 54702 of upstream Subversion repository
+Origin: http://firebird.svn.sourceforge.net/viewvc/firebird/firebird/branches/B2_5_Release/src/jrd/trace/TraceDSQLHelpers.h?r1=54702&r2=54701&pathrev=54702
+Bug: http://tracker.firebirdsql.org/browse/CORE-3884
+Bug-Debian: http://bugs.debian.org/693210
+Forwarded: not-needed
+Author: Vlad Khorsun <hvlad@sourceforge.net>
+Applied-Upstream: 2.5.2
+
+--- a/src/jrd/trace/TraceDSQLHelpers.h
++++ b/src/jrd/trace/TraceDSQLHelpers.h
+@@ -88,7 +88,7 @@ public:
+ Firebird::string str(*getDefaultMemoryPool(), m_string, m_string_len);
+
+ TraceFailedSQLStatement stmt(str);
+- TraceManager::event_dsql_prepare(m_attachment, m_request->req_transaction,
++ TraceManager::event_dsql_prepare(m_attachment, m_request ? m_request->req_transaction : NULL,
+ &stmt, millis, result);
+ }
+ }
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch
--- firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch 1970-01-01 02:00:00.000000000 +0200
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch 2013-03-18 17:13:09.000000000 +0200
@@ -0,0 +1,26 @@
+From: alexpeshkoff <alexpeshkoff@65644016-39b1-43b1-bf79-96bc8fe82c15>
+Date: Wed, 6 Mar 2013 11:33:08 +0000 (+0000)
+Subject: Fixed CORE-4058
+ Fixes a remote, unauthenticated stack overflow
+ CVE-2013-2492
+X-Git-Url: http://anonscm.debian.org/gitweb/?p=pkg-firebird%2Fupstream.git;a=commitdiff;h=9cacbca5093808e217ba68adaa469bd6179fb535
+Bug: http://tracker.firebirdsql.org/browse/CORE-4058
+Bug-Debian: http://bigs.debian.org/702736
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2492
+
+Fixed CORE-4058
+
+git-svn-id: svn://svn.code.sf.net/p/firebird/code/firebird/branches/B2_5_Release@57728 65644016-39b1-43b1-bf79-96bc8fe82c15
+---
+
+--- a/src/remote/inet.cpp
++++ b/src/remote/inet.cpp
+@@ -1056,7 +1056,7 @@ static bool accept_connection(rem_port*
+ case CNCT_group:
+ {
+ const size_t length = id.getClumpLength();
+- if (length != 0)
++ if (length <= sizeof(eff_gid) && length > 0)
+ {
+ eff_gid = 0;
+ memcpy(&eff_gid, id.getBytes(), length);
File lists identical (after any substitutions)
Control files of package firebird-dev: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: libfbclient2 (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libib-util, firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-classic: lines which differ (wdiff format)
-------------------------------------------------------------------------------
Depends: libc6 (>= 2.2.5), libfbembed2.5 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} netbase, firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-classic-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} openbsd-inetd | inet-superserver, debconf (>= 1.4.69), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-classic-common: lines which differ (wdiff format)
--------------------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libedit2 (>= 2.11-20080614-1), libfbembed2.5 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libib-util (>= 2.5.0.23247~Beta1.ds2), libstdc++6 (>= 4.1.1), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-classic-dbg: lines which differ (wdiff format)
-----------------------------------------------------------------------------------
Depends: firebird2.5-classic (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+} | firebird2.5-superclassic (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-classic-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libfbembed2.5 (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Installed-Size: [-83621-] {+83614+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-common: lines which differ (wdiff format)
------------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-common-doc: lines which differ (wdiff format)
----------------------------------------------------------------------------------
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-doc: lines which differ (wdiff format)
---------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-examples: lines which differ (wdiff format)
--------------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-server-common: lines which differ (wdiff format)
-------------------------------------------------------------------------------------
Depends: adduser, libc6 (>= 2.11), libfbclient2 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libicu48 (>= 4.8-1), libstdc++6 (>= 4.1.1), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-super: lines which differ (wdiff format)
-----------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libedit2 (>= 2.11-20080614-1), libfbclient2 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libib-util (>= 2.5.0.23247~Beta1.ds2), libicu48 (>= 4.8-1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} lsb-base, debconf (>= 1.4.69), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-super-dbg: lines which differ (wdiff format)
---------------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-super (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libfbclient2-dbg
Installed-Size: [-80256-] {+80249+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package firebird2.5-superclassic: lines which differ (wdiff format)
------------------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libfbembed2.5 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} netbase, firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-classic-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} lsb-base, debconf (>= 1.4.69)
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package libfbclient2: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: libc6 (>= 2.11), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package libfbclient2-dbg: lines which differ (wdiff format)
----------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libfbclient2 (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package libfbembed2.5: lines which differ (wdiff format)
-------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libgcc1 (>= 1:4.1.1), libicu48 (>= 4.8-1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Control files of package libib-util: lines which differ (wdiff format)
----------------------------------------------------------------------
Depends: libc6 (>= 2.2.5), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.1.1), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}
Reply to: