[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#845474: jessie-pu: package sniffit/0.3.7.beta-17



Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu

Hi,

This update will fix CVE-2014-5439: Root shell on Sniffit[1]. The issue is
already fixed in Sid (since 0.3.7.beta-20, without a bug) and in upstream.

[1] http://hmarco.org/bugs/CVE-2014-5439-sniffit_0.3.7-stack-buffer-overflow.html

Thanks a lot in advance.

Regards,

Eriberto
diff -Nru sniffit-0.3.7.beta/debian/changelog sniffit-0.3.7.beta/debian/changelog
--- sniffit-0.3.7.beta/debian/changelog	2012-08-21 19:51:44.000000000 -0300
+++ sniffit-0.3.7.beta/debian/changelog	2016-11-23 17:05:14.000000000 -0200
@@ -1,3 +1,9 @@
+sniffit (0.3.7.beta-17+deb8u1) jessie; urgency=medium
+
+  * Added a patch to fix CVE-2014-5439 (Root shell on Sniffit).
+
+ -- Joao Eriberto Mota Filho <eriberto@debian.org>  Wed, 23 Nov 2016 16:57:34 -0200
+
 sniffit (0.3.7.beta-17) unstable; urgency=low
 
   * Acknowledge NMU.
diff -Nru sniffit-0.3.7.beta/debian/patches/fix-CVE-2014-5439.patch sniffit-0.3.7.beta/debian/patches/fix-CVE-2014-5439.patch
--- sniffit-0.3.7.beta/debian/patches/fix-CVE-2014-5439.patch	1969-12-31 21:00:00.000000000 -0300
+++ sniffit-0.3.7.beta/debian/patches/fix-CVE-2014-5439.patch	2016-11-23 17:11:18.000000000 -0200
@@ -0,0 +1,33 @@
+Description: fix CVE-2014-5439 - Root shell on Sniffit.
+Author: Hector Marco < hmarco@hmarco.or>
+        Ismael Ripoll <iripoll@upv.es>
+Last-Update: 2014-07-??
+Origin: http://hmarco.org/bugs/CVE-2014-5439-sniffit_0.3.7-stack-buffer-overflow.html
+Index: sniffit-0.3.7.beta/sn_cfgfile.c
+===================================================================
+--- sniffit-0.3.7.beta.orig/sn_cfgfile.c
++++ sniffit-0.3.7.beta/sn_cfgfile.c
+@@ -119,6 +119,11 @@ char *clean_string (char *string)
+ char help[20];
+ int i, j;
+ 
++if(strlen(string) >= 20){
++   fprintf(stderr, "Error: String too long [%s]\n", string);
++   exit(-1);
++}
++
+ j=0;
+ for(i=0;i<strlen(string);i++)
+ 	{
+@@ -138,6 +143,11 @@ char *clean_filename (char *string)
+ char help[20];
+ int i, j;
+ 
++if(strlen(string) >= 20){
++   fprintf(stderr, "Error: String too long [%s]\n", string);
++   exit(-1);
++}
++
+ j=0;
+ for(i=0;i<strlen(string);i++)
+ 	{
diff -Nru sniffit-0.3.7.beta/debian/patches/series sniffit-0.3.7.beta/debian/patches/series
--- sniffit-0.3.7.beta/debian/patches/series	2012-08-16 19:51:09.000000000 -0300
+++ sniffit-0.3.7.beta/debian/patches/series	2016-11-23 17:08:57.000000000 -0200
@@ -5,3 +5,4 @@
 05_fix_segfaults_on_amd64_bts644978.patch
 use-dpkg-buildflags.patch
 fixspelling.patch
+fix-CVE-2014-5439.patch

Reply to: