Bug#770439: unblock: neutron/2014.1.3-6 (CVE-2014-7821 fix: DoS through invalid DNS configuration)
Package: release.debian.org
Severity: important
User: release.debian.org@packages.debian.org
Usertags: unblock
Dear release team,
Version 2014.1.3-6 of Neutron includes a fix for CVE-2014-7821: DoS through
invalid DNS configuration. The fix is really minimal; it's basically a change
in the regexp that was taking too long to validate input. Debdiff attached.
Please unblock neutron/2014.1.3-6.
Cheers,
Thomas Goirand (zigo)
diff -Nru neutron-2014.1.3/debian/changelog neutron-2014.1.3/debian/changelog
--- neutron-2014.1.3/debian/changelog 2014-10-25 08:09:28.000000000 +0000
+++ neutron-2014.1.3/debian/changelog 2014-11-21 08:26:09.000000000 +0000
@@ -1,3 +1,10 @@
+neutron (2014.1.3-6) unstable; urgency=high
+
+ * CVE-2014-7821: DoS through invalid DNS configuration. Applied upstream
+ patch: Fix hostname regex pattern (Closes: #770431).
+
+ -- Thomas Goirand <zigo@debian.org> Fri, 21 Nov 2014 16:25:18 +0800
+
neutron (2014.1.3-5) unstable; urgency=medium
* Adds Danish debconf translations thanks to Joe Dalton <joedalton2@yahoo.dk>
diff -Nru neutron-2014.1.3/debian/patches/cve-2014-7821_DoS_through_invalid_DNS_configuration_icehouse.patch neutron-2014.1.3/debian/patches/cve-2014-7821_DoS_through_invalid_DNS_configuration_icehouse.patch
--- neutron-2014.1.3/debian/patches/cve-2014-7821_DoS_through_invalid_DNS_configuration_icehouse.patch 1970-01-01 00:00:00.000000000 +0000
+++ neutron-2014.1.3/debian/patches/cve-2014-7821_DoS_through_invalid_DNS_configuration_icehouse.patch 2014-11-21 08:26:09.000000000 +0000
@@ -0,0 +1,38 @@
+Description: CVE-2014-7821: Fix hostname regex pattern
+ Current hostname_pattern regex complexity grows exponentially when given a
+ string of just digits, which can be exploited to cause neutron-server to
+ freeze.
+Author: John Perkins <john.perkins@rackspace.com>
+Origin: upstream, https://review.openstack.org/#/c/135624/
+Date: Mon Oct 6 16:24:57 2014 -0500
+Bug-Debian: https://bugs.debian.org/770431
+Bug-Ubuntu: https://launchpad.net/bugs/1378450
+Last-Update: 2014-11-21
+
+Index: neutron/neutron/api/v2/attributes.py
+===================================================================
+--- neutron.orig/neutron/api/v2/attributes.py 2014-10-25 16:10:17.000000000 +0800
++++ neutron/neutron/api/v2/attributes.py 2014-11-21 16:22:21.000000000 +0800
+@@ -537,8 +537,8 @@
+ return [data]
+
+
+-HOSTNAME_PATTERN = ("(?=^.{1,254}$)(^(?:(?!\d+\.|-)[a-zA-Z0-9_\-]"
+- "{1,63}(?<!-)\.?)+(?:[a-zA-Z]{2,})$)")
++HOSTNAME_PATTERN = ("(?=^.{1,254}$)(^(?:(?!\d+.|-)[a-zA-Z0-9_\-]{1,62}"
++ "[a-zA-Z0-9]\.?)+(?:[a-zA-Z]{2,})$)")
+
+ HEX_ELEM = '[0-9A-Fa-f]'
+ UUID_PATTERN = '-'.join([HEX_ELEM + '{8}', HEX_ELEM + '{4}',
+Index: neutron/neutron/tests/unit/test_attributes.py
+===================================================================
+--- neutron.orig/neutron/tests/unit/test_attributes.py 2014-10-25 16:10:17.000000000 +0800
++++ neutron/neutron/tests/unit/test_attributes.py 2014-11-21 16:22:21.000000000 +0800
+@@ -283,6 +283,7 @@
+ ['www.hostname.com', 'www.hostname.com'],
+ ['77.hostname.com'],
+ ['1000.0.0.1'],
++ ['111111111111111111111111111111111111111111111111111111111111'], # noqa
+ None]
+
+ for ns in ns_pools:
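Review bot: in the attributes.py hunk the negative lookahead changes from `(?!\d+\.|-)` to `(?!\d+.|-)`, i.e. the backslash before the dot is gone, so `\d+.` now rejects any label that starts with a digit followed by any character (for example `3com.example.com`), not only an all-digit label; that is a behaviour change the patch Description does not mention. If this is the exact upstream text from review 135624, say so in the Description; otherwise restore `\d+\.`. The bounded `{1,62}` run followed by a mandatory `[a-zA-Z0-9]` does remove the ambiguity that the digits-only input exercised, and the literal final character also preserves the old `(?<!-)` no-trailing-hyphen rule, so the new test string in test_attributes.py covers the case the Description names.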
diff -Nru neutron-2014.1.3/debian/patches/series neutron-2014.1.3/debian/patches/series
--- neutron-2014.1.3/debian/patches/series 2014-10-25 08:09:28.000000000 +0000
+++ neutron-2014.1.3/debian/patches/series 2014-11-21 08:26:09.000000000 +0000
@@ -5,3 +5,4 @@
Properly_apply_column_default_in_migration_pool_monitor_status.patch
#sane-defaults-for-ml2_conf.ini.patch
#sane-defaults-for-dhcp_agent.ini.patch
+cve-2014-7821_DoS_through_invalid_DNS_configuration_icehouse.patch
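To see what the one-line regex change does, here is an added check (not part of the debdiff or of Neutron) that runs the invalid nameserver inputs from the test hunk above through the patched pattern, times the digits-only case, and compares both patterns on a constructed label that starts with a digit; the function names and the label `3com.example.com` are my own.

```python
import re
import time

# Both patterns are copied from the attributes.py hunk above (as raw strings,
# which is equivalent to the non-raw originals for these escapes).
OLD_HOSTNAME_PATTERN = (r"(?=^.{1,254}$)(^(?:(?!\d+\.|-)[a-zA-Z0-9_\-]"
                        r"{1,63}(?<!-)\.?)+(?:[a-zA-Z]{2,})$)")
NEW_HOSTNAME_PATTERN = (r"(?=^.{1,254}$)(^(?:(?!\d+.|-)[a-zA-Z0-9_\-]{1,62}"
                        r"[a-zA-Z0-9]\.?)+(?:[a-zA-Z]{2,})$)")


def is_valid_hostname(name, pattern=NEW_HOSTNAME_PATTERN):
    """True if name matches the (already ^/$ anchored) hostname pattern."""
    return re.match(pattern, name) is not None


def validate_all(names):
    """Map each candidate hostname to the patched pattern's verdict."""
    return {name: is_valid_hostname(name) for name in names}


def reject_time(name):
    """Seconds the patched pattern needs to decide on name.

    With the fix, the lookahead (?!\\d+.|-) fails on the first two digits, so a
    digits-only string is rejected in microseconds instead of freezing the
    server. Do not feed the old pattern long digit strings: that is the CVE.
    """
    start = time.monotonic()
    is_valid_hostname(name)
    return time.monotonic() - start


def changed_semantics(label="3com.example.com"):
    """(old verdict, new verdict) for a label starting with a single digit.

    The patched lookahead lost the backslash before the dot, so any label that
    begins with a digit is now rejected, not only all-digit labels.
    """
    return (is_valid_hostname(label, OLD_HOSTNAME_PATTERN),
            is_valid_hostname(label, NEW_HOSTNAME_PATTERN))


if __name__ == "__main__":
    # Inputs taken from the ns_pools list in the test hunk above.
    samples = ["www.hostname.com", "77.hostname.com", "1000.0.0.1", "1" * 60]
    for name, ok in validate_all(samples).items():
        print("%-20s %s" % (name[:20], "valid" if ok else "rejected"))
    print("digits-only reject time: %.6fs" % reject_time("1" * 60))
    print("3com.example.com old/new:", changed_semantics())
```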