Bug#874377: jessie-pu: package irssi/0.8.17-1+deb8u4
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
In order to fix #867598 in oldstable I prepared a 0.8.17-1+deb8u5 update for
irssi. The debdiff is attached, it is quite similar the one proposed to
stretch version.
Thanks in advance.
Lucas Kanashiro
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.12.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -u irssi-0.8.17/debian/changelog irssi-0.8.17/debian/changelog
--- irssi-0.8.17/debian/changelog
+++ irssi-0.8.17/debian/changelog
@@ -1,3 +1,12 @@
+irssi (0.8.17-1+deb8u5) jessie; urgency=medium
+
+ * Non-maintainer upload.
+ * Security related update pulling upstream 5e26325317 (closes: 867598):
+ - Fix null pointer dereference (CVE-2017-10965)
+ - Fix use-after-free condition for nicklist (CVE-2017-10966)
+
+ -- Lucas Kanashiro <kanashiro@debian.org> Tue, 05 Sep 2017 11:37:26 -0300
+
irssi (0.8.17-1+deb8u4) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -u irssi-0.8.17/debian/patches/series irssi-0.8.17/debian/patches/series
--- irssi-0.8.17/debian/patches/series
+++ irssi-0.8.17/debian/patches/series
@@ -1,3 +1,4 @@
+28Fix-use-after-free-and-null-pointer-dereference.patch
01chanmode_expando_strip
02ctcp_version_reply
03firsttimer_text
only in patch2:
unchanged:
--- irssi-0.8.17.orig/debian/patches/28Fix-use-after-free-and-null-pointer-dereference.patch
+++ irssi-0.8.17/debian/patches/28Fix-use-after-free-and-null-pointer-dereference.patch
@@ -0,0 +1,72 @@
+From 29ebac987da1da2c892aed5ed329256b7bc94bca Mon Sep 17 00:00:00 2001
+From: Nei <ailin.nemui@gmail.com>
+Date: Thu, 29 Jun 2017 13:48:44 +0000
+Subject: [PATCH 1/2] Check return value of localtime
+
+Fixes #10
+---
+ src/core/misc.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/core/misc.c b/src/core/misc.c
+index ce49925b1..0b2d8e776 100644
+--- a/src/core/misc.c
++++ b/src/core/misc.c
+@@ -560,6 +560,9 @@ char *my_asctime(time_t t)
+ int len;
+
+ tm = localtime(&t);
++ if (tm == NULL)
++ return g_strdup("???");
++
+ str = g_strdup(asctime(tm));
+
+ len = strlen(str);
+
+From 73b851c39c11d01199e6c040749fb20e468f6c8d Mon Sep 17 00:00:00 2001
+From: ailin-nemui <ailin-nemui@users.noreply.github.com>
+Date: Tue, 4 Jul 2017 16:10:55 +0200
+Subject: [PATCH 2/2] correct GHashTable usage
+
+---
+ src/core/nicklist.c | 17 ++++++++++-------
+ 1 file changed, 10 insertions(+), 7 deletions(-)
+
+diff --git a/src/core/nicklist.c b/src/core/nicklist.c
+index 54dfb5fb2..0bc88ab8d 100644
+--- a/src/core/nicklist.c
++++ b/src/core/nicklist.c
+@@ -54,23 +54,26 @@ static void nick_hash_add(CHANNEL_REC *channel, NICK_REC *nick)
+
+ static void nick_hash_remove(CHANNEL_REC *channel, NICK_REC *nick)
+ {
+- NICK_REC *list;
++ NICK_REC *list, *newlist;
+
+ list = g_hash_table_lookup(channel->nicks, nick->nick);
+ if (list == NULL)
+ return;
+
+- if (list == nick || list->next == NULL) {
+- g_hash_table_remove(channel->nicks, nick->nick);
+- if (list->next != NULL) {
+- g_hash_table_insert(channel->nicks, nick->next->nick,
+- nick->next);
+- }
++ if (list == nick) {
++ newlist = nick->next;
+ } else {
++ newlist = list;
+ while (list->next != nick)
+ list = list->next;
+ list->next = nick->next;
+ }
++
++ g_hash_table_remove(channel->nicks, nick->nick);
++ if (newlist != NULL) {
++ g_hash_table_insert(channel->nicks, newlist->nick,
++ newlist);
++ }
+ }
+
+ /* Add new nick to list */
Reply to: