Bug#781073: marked as done (unblock: libzip/0.11.2-1.2)

To: Niels Thykier <niels@thykier.net>
Subject: Bug#781073: marked as done (unblock: libzip/0.11.2-1.2)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 24 Mar 2015 15:18:12 +0000
Message-id: <[🔎] handler.781073.D781073.142721012928266.ackdone@bugs.debian.org>
References: <55117F87.203@thykier.net> <[🔎] 20150324053841.18037.78757.reportbug@lorien.valinor.li>

Your message dated Tue, 24 Mar 2015 16:15:19 +0100
with message-id <55117F87.203@thykier.net>
and subject line Re: Bug#781073: unblock: libzip/0.11.2-1.2
has caused the Debian Bug report #781073,
regarding unblock: libzip/0.11.2-1.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
781073: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781073
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: libzip/0.11.2-1.2
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 24 Mar 2015 06:38:41 +0100
Message-id: <[🔎] 20150324053841.18037.78757.reportbug@lorien.valinor.li>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi

Please unblock package libzip, it fixes CVE-2015-2331, #780756:

> libzip (0.11.2-1.2) unstable; urgency=high
> 
>   * Non-maintainer upload.
>   * Add CVE-2015-2331.patch patch.
>     CVE-2015-2331: ZIP integer overflow leads to writing past heap boundary.
>     (Closes: #780756)
> 
>  -- Salvatore Bonaccorso <carnil@debian.org>  Fri, 20 Mar 2015 20:17:45 +0100

Attached is the full debdiff as well.

unblock libzip/0.11.2-1.2

Regards,
Salvatore

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru libzip-0.11.2/debian/changelog libzip-0.11.2/debian/changelog
--- libzip-0.11.2/debian/changelog	2014-08-06 15:40:49.000000000 +0200
+++ libzip-0.11.2/debian/changelog	2015-03-20 20:18:20.000000000 +0100
@@ -1,3 +1,12 @@
+libzip (0.11.2-1.2) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Add CVE-2015-2331.patch patch.
+    CVE-2015-2331: ZIP integer overflow leads to writing past heap boundary.
+    (Closes: #780756)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Fri, 20 Mar 2015 20:17:45 +0100
+
 libzip (0.11.2-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru libzip-0.11.2/debian/patches/CVE-2015-2331.patch libzip-0.11.2/debian/patches/CVE-2015-2331.patch
--- libzip-0.11.2/debian/patches/CVE-2015-2331.patch	1970-01-01 01:00:00.000000000 +0100
+++ libzip-0.11.2/debian/patches/CVE-2015-2331.patch	2015-03-20 20:18:20.000000000 +0100
@@ -0,0 +1,18 @@
+Description: CVE-2015-2331: ZIP integer overflow
+Origin: https://github.com/php/php-src/commit/ec779124cb7279493ce1ca1088d1aaa32e82479a
+Bug-Debian: https://bugs.debian.org/780756
+Forwarded: not-needed
+Author: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2015-03-20
+
+--- a/lib/zip_dirent.c
++++ b/lib/zip_dirent.c
+@@ -110,7 +110,7 @@ _zip_cdir_new(zip_uint64_t nentry, struc
+ 
+     if (nentry == 0)
+ 	cd->entry = NULL;
+-    else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
++    else if (nentry > ((size_t)-1)/sizeof(*(cd->entry)) || (cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
+ 	_zip_error_set(error, ZIP_ER_MEMORY, 0);
+ 	free(cd);
+ 	return NULL;
diff -Nru libzip-0.11.2/debian/patches/series libzip-0.11.2/debian/patches/series
--- libzip-0.11.2/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ libzip-0.11.2/debian/patches/series	2015-03-20 20:18:20.000000000 +0100
@@ -0,0 +1 @@
+CVE-2015-2331.patch

--- End Message ---

--- Begin Message ---

To: Salvatore Bonaccorso <carnil@debian.org>, 781073-done@bugs.debian.org

Subject: Re: Bug#781073: unblock: libzip/0.11.2-1.2

From: Niels Thykier <niels@thykier.net>

Date: Tue, 24 Mar 2015 16:15:19 +0100

Message-id: <55117F87.203@thykier.net>

In-reply-to: <[🔎] 20150324053841.18037.78757.reportbug@lorien.valinor.li>

References: <[🔎] 20150324053841.18037.78757.reportbug@lorien.valinor.li>
On 2015-03-24 06:38, Salvatore Bonaccorso wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Hi
> 
> Please unblock package libzip, it fixes CVE-2015-2331, #780756:
> 
>> libzip (0.11.2-1.2) unstable; urgency=high
>>
>>   * Non-maintainer upload.
>>   * Add CVE-2015-2331.patch patch.
>>     CVE-2015-2331: ZIP integer overflow leads to writing past heap boundary.
>>     (Closes: #780756)
>>
>>  -- Salvatore Bonaccorso <carnil@debian.org>  Fri, 20 Mar 2015 20:17:45 +0100
> 
> Attached is the full debdiff as well.
> 
> unblock libzip/0.11.2-1.2
> 
> Regards,
> Salvatore
> 
> [...]

Unblocked, thanks.

~Niels
--- End Message ---

Reply to:

References:
- Bug#781073: unblock: libzip/0.11.2-1.2
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Processed: Re: Bug#781010: unblock: simpleid/0.8.1-14
Next by Date: Bug#781108: unblock: krb5/1.12.1+dfsg-19
Previous by thread: Bug#781073: unblock: libzip/0.11.2-1.2
Next by thread: Bug#777216: marked as done ((pre-approval) unblock: sbuild/0.65.0-2)
Index(es):
- Date
- Thread