
Bug#949957: buster-pu: package freetds/1.00.104-1+deb10u1



Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

Hi

freetds in buster is affected by CVE-2019-13508 (cf. #944012). The
issue was fixed in unstable. This update is to address the issue as
well for buster.

Can you accept this update as well for the next buster point release?

Regards,
Salvatore

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-6-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
diff -u freetds-1.00.104/debian/changelog freetds-1.00.104/debian/changelog
--- freetds-1.00.104/debian/changelog
+++ freetds-1.00.104/debian/changelog
@@ -1,3 +1,10 @@
+freetds (1.00.104-1+deb10u1) buster; urgency=medium
+
+  * Non-maintainer upload.
+  * tds: Make sure UDT has varint set to 8 (CVE-2019-13508) (Closes: #944012)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 27 Jan 2020 17:28:42 +0100
+
 freetds (1.00.104-1) unstable; urgency=medium
 
   * New upstream release.
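Review bot: The "tds:" line of the new changelog entry names the CVE and the Debian bug but gives no pointer to the upstream commit the change was taken from. Adding that reference would make it easier to compare the two assignments added in src/tds/data.c with the fix that went into unstable.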
diff -u freetds-1.00.104/src/tds/data.c freetds-1.00.104/src/tds/data.c
--- freetds-1.00.104/src/tds/data.c
+++ freetds-1.00.104/src/tds/data.c
@@ -1418,6 +1418,7 @@
 	tds_get_string(tds, tds_get_usmallint(tds), NULL, 0);
 
 	col->column_size = 0x7ffffffflu;
+	col->column_varint_size = 8;
 
 	return TDS_SUCCESS;
 }
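Review bot: The added `col->column_varint_size = 8;` after `col->column_size = 0x7ffffffflu;` is a bare magic number with no comment, and nothing in the hunk says why 8 is the value a UDT column must carry. A one-line comment tying the assignment to CVE-2019-13508 would stop it from being dropped in a later cleanup.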
@@ -1425,6 +1426,7 @@
 TDS_INT
 tds_clrudt_row_len(TDSCOLUMN *col)
 {
+	col->column_varint_size = 8;
 	/* TODO save other fields */
 	return sizeof(TDSBLOB);
 }
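Review bot: In tds_clrudt_row_len the new assignment makes a function that otherwise only returns `sizeof(TDSBLOB)` modify its argument, and it repeats the assignment from the previous hunk. If both are required, a comment here should say which path reaches this function without the earlier assignment having run. The new line also sits directly above the existing `/* TODO save other fields */` comment, which now reads as if it described the assignment; placing the assignment below that comment or giving it its own comment would avoid that.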
