
Bug#703338: marked as done (unblock: firebird2.5/2.5.2~svn+54698.ds4-2)



Your message dated Tue, 19 Mar 2013 15:30:18 +0000
with message-id <d318fa5c998f9176cd486306ceca5cc1@mail.adsl.funky-badger.org>
and subject line Re: Bug#703338: unblock: firebird2.5/2.5.2~svn+54698.ds4-2
has caused the Debian Bug report #703338,
regarding unblock: firebird2.5/2.5.2~svn+54698.ds4-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
703338: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703338
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package firebird2.5

The version in unstable fixes two security issues. One allows overflowing the
server's stack before authentication, the other is more specific: it crashes
the server when preparing an empty SQL request while tracing of server activity
is enabled.

Both issues were already fixed for squeeze. There are no changes in the client 
part (libfbclient2 is used by many other packages).

Source and binary debdiffs attached. The binary diff shows version changes in 
package dependencies because all binary packages require the exact same version 
of firebird2.5-common-doc which holds (a single copy of) the copyright file.

unblock firebird2.5/2.5.2~svn+54698.ds4-2

Thanks,
    dam
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/changelog firebird2.5-2.5.2~svn+54698.ds4/debian/changelog
--- firebird2.5-2.5.2~svn+54698.ds4/debian/changelog	2012-06-30 15:26:39.000000000 +0300
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/changelog	2013-03-18 17:23:51.000000000 +0200
@@ -1,3 +1,14 @@
+firebird2.5 (2.5.2~svn+54698.ds4-2) unstable; urgency=high
+
+  * High urgency for upload fixing security issues
+
+  * fix server crash when preparing an empty SQL statement with tracing enabled
+    patch taken from upstream revision 54702. Closes: #693210 (CVE-2012-5529)
+  * fix remote pre-authentication stack overflow in firebird server
+    patch taken from upstream revision 57728. Closes: #702736 (CVE-2013-2429)
+
+ -- Damyan Ivanov <dmn@debian.org>  Mon, 18 Mar 2013 17:23:50 +0200
+
 firebird2.5 (2.5.2~svn+54698.ds4-1) unstable; urgency=low
 
   * Snapshot from upstream's 2.5.2 tag, revision 54698. Still not the official
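Review bot: The CVE id on the second fix line of the new changelog entry, CVE-2013-2429, does not match the id given in the patch it refers to: the header of r57728-cve-2013-2429.patch and its Bug-RedHat URL both say CVE-2013-2492. One of the two has its last digits transposed; settle which is correct and use it consistently in the changelog, in the patch file name listed in debian/patches/series and in the patch header, so that the upload can be matched to the right advisory.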
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series
--- firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series	2012-03-27 15:09:28.000000000 +0300
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/patches/series	2013-03-18 17:13:09.000000000 +0200
@@ -10,3 +10,5 @@
 parallel-build.patch
 versioned-log-filename.patch
 link_atomic_ops.patch
+upstream/r54702-cve-2012-5529.patch
+upstream/r57728-cve-2013-2429.patch
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch
--- firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch	1970-01-01 02:00:00.000000000 +0200
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r54702-cve-2012-5529.patch	2013-03-18 17:12:38.000000000 +0200
@@ -0,0 +1,20 @@
+Description: fix crash when preparing empty SQL statement with tracing enabled
+ Stolen from revision 54702 of upstream Subversion repository
+Origin: http://firebird.svn.sourceforge.net/viewvc/firebird/firebird/branches/B2_5_Release/src/jrd/trace/TraceDSQLHelpers.h?r1=54702&r2=54701&pathrev=54702
+Bug: http://tracker.firebirdsql.org/browse/CORE-3884
+Bug-Debian: http://bugs.debian.org/693210
+Forwarded: not-needed
+Author: Vlad Khorsun <hvlad@sourceforge.net>
+Applied-Upstream: 2.5.2
+
+--- a/src/jrd/trace/TraceDSQLHelpers.h
++++ b/src/jrd/trace/TraceDSQLHelpers.h
+@@ -88,7 +88,7 @@ public:
+ 			Firebird::string str(*getDefaultMemoryPool(), m_string, m_string_len);
+ 
+ 			TraceFailedSQLStatement stmt(str);
+-			TraceManager::event_dsql_prepare(m_attachment, m_request->req_transaction,
++			TraceManager::event_dsql_prepare(m_attachment, m_request ? m_request->req_transaction : NULL,
+ 				&stmt, millis, result);
+ 		}
+ 	}
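Review bot: The guard in the changed event_dsql_prepare call handles a null m_request by passing NULL as the transaction argument, but nothing in this hunk shows that TraceManager::event_dsql_prepare, or the trace plugins behind it, accept a NULL transaction. Confirm that against upstream revision 54702 so the null dereference is not just moved one call deeper, and check whether m_request is dereferenced elsewhere in this helper outside the context lines shown. In the header, "Stolen from" would read better as "Taken from", matching the wording of the changelog entry.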
diff -Nru -w firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch
--- firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch	1970-01-01 02:00:00.000000000 +0200
+++ firebird2.5-2.5.2~svn+54698.ds4/debian/patches/upstream/r57728-cve-2013-2429.patch	2013-03-18 17:13:09.000000000 +0200
@@ -0,0 +1,26 @@
+From: alexpeshkoff <alexpeshkoff@65644016-39b1-43b1-bf79-96bc8fe82c15>
+Date: Wed, 6 Mar 2013 11:33:08 +0000 (+0000)
+Subject: Fixed CORE-4058
+ Fixes a remote, unauthenticated stack overflow
+ CVE-2013-2492
+X-Git-Url: http://anonscm.debian.org/gitweb/?p=pkg-firebird%2Fupstream.git;a=commitdiff;h=9cacbca5093808e217ba68adaa469bd6179fb535
+Bug: http://tracker.firebirdsql.org/browse/CORE-4058
+Bug-Debian: http://bigs.debian.org/702736
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2492
+
+Fixed CORE-4058
+
+git-svn-id: svn://svn.code.sf.net/p/firebird/code/firebird/branches/B2_5_Release@57728 65644016-39b1-43b1-bf79-96bc8fe82c15
+---
+
+--- a/src/remote/inet.cpp
++++ b/src/remote/inet.cpp
+@@ -1056,7 +1056,7 @@ static bool accept_connection(rem_port*
+ 		case CNCT_group:
+ 			{
+ 				const size_t length = id.getClumpLength();
+-				if (length != 0)
++				if (length <= sizeof(eff_gid) && length > 0)
+ 				{
+ 					eff_gid = 0;
+ 					memcpy(&eff_gid, id.getBytes(), length);
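Review bot: In the CNCT_group case the new condition "length <= sizeof(eff_gid) && length > 0" stops the oversized memcpy, but a clump longer than eff_gid is now skipped silently. The patch description should say whether ignoring such input, rather than refusing the connection, is what upstream intends, and whether the other CNCT_* cases in accept_connection copy a client-supplied length into a fixed-size variable in the same way, which this hunk does not show. In the header, Bug-Debian points at bigs.debian.org instead of bugs.debian.org, and the CVE line reads CVE-2013-2492 while the file name says cve-2013-2429.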
File lists identical (after any substitutions)

Control files of package firebird-dev: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: libfbclient2 (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libib-util, firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-classic: lines which differ (wdiff format)
-------------------------------------------------------------------------------
Depends: libc6 (>= 2.2.5), libfbembed2.5 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} netbase, firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-classic-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} openbsd-inetd | inet-superserver, debconf (>= 1.4.69), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-classic-common: lines which differ (wdiff format)
--------------------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libedit2 (>= 2.11-20080614-1), libfbembed2.5 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libib-util (>= 2.5.0.23247~Beta1.ds2), libstdc++6 (>= 4.1.1), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-classic-dbg: lines which differ (wdiff format)
-----------------------------------------------------------------------------------
Depends: firebird2.5-classic (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+} | firebird2.5-superclassic (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-classic-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libfbembed2.5 (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Installed-Size: [-83621-] {+83614+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-common: lines which differ (wdiff format)
------------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-common-doc: lines which differ (wdiff format)
----------------------------------------------------------------------------------
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-doc: lines which differ (wdiff format)
---------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-examples: lines which differ (wdiff format)
--------------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-server-common: lines which differ (wdiff format)
-------------------------------------------------------------------------------------
Depends: adduser, libc6 (>= 2.11), libfbclient2 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libicu48 (>= 4.8-1), libstdc++6 (>= 4.1.1), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-super: lines which differ (wdiff format)
-----------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libedit2 (>= 2.11-20080614-1), libfbclient2 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libib-util (>= 2.5.0.23247~Beta1.ds2), libicu48 (>= 4.8-1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} lsb-base, debconf (>= 1.4.69), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-super-dbg: lines which differ (wdiff format)
---------------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-super (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libfbclient2-dbg
Installed-Size: [-80256-] {+80249+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package firebird2.5-superclassic: lines which differ (wdiff format)
------------------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libfbembed2.5 (>= 2.5.0.25784~ReleaseCandidate1.ds2), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} netbase, firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-classic-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} lsb-base, debconf (>= 1.4.69)
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package libfbclient2: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: libc6 (>= 2.11), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package libfbclient2-dbg: lines which differ (wdiff format)
----------------------------------------------------------------------------
Depends: firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} libfbclient2 (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package libfbembed2.5: lines which differ (wdiff format)
-------------------------------------------------------------------------
Depends: libc6 (>= 2.11), libgcc1 (>= 1:4.1.1), libicu48 (>= 4.8-1), libstdc++6 (>= 4.1.1), firebird2.5-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-server-common (= [-2.5.2~svn+54698.ds4-1),-] {+2.5.2~svn+54698.ds4-2),+} firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

Control files of package libib-util: lines which differ (wdiff format)
----------------------------------------------------------------------
Depends: libc6 (>= 2.2.5), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.1.1), firebird2.5-common-doc (= [-2.5.2~svn+54698.ds4-1)-] {+2.5.2~svn+54698.ds4-2)+}
Version: [-2.5.2~svn+54698.ds4-1-] {+2.5.2~svn+54698.ds4-2+}

--- End Message ---
--- Begin Message ---
On 18.03.2013 15:48, Damyan Ivanov wrote:
> Please unblock package firebird2.5
>
> The version in unstable fixes two security issues. One allows overflowing
> the server's stack before authentication, the other is more specific: it
> crashes the server when preparing an empty SQL request while tracing of
> server activity is enabled.

Unblocked; thanks.

Regards,

Adam

--- End Message ---
