Bug#1027264: bullseye pu: traceroute/2.1.0-2+deb11u1
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
Hi RMs,
Quite recently a new traceroute version was released. Most importantly
it fixes an excessive CPU consumption on one core (it's not
multi-threaded). It's easy to trigger it, but not considered a
security issue. All you have to do is to try an IPv4 mapped IPv6
address:
$ traceroute ::ffff:127.0.0.1
One CPU core will go on 100% and it will not stop until you ^C or kill
it. The fix is small and could be backported easily. It is tested,
builds correctly and fixes this issue on Bullseye.
Thanks for considering,
Laszlo/GCS
diff -Nru traceroute-2.1.0/debian/changelog traceroute-2.1.0/debian/changelog
--- traceroute-2.1.0/debian/changelog 2016-08-29 17:45:51.000000000 +0200
+++ traceroute-2.1.0/debian/changelog 2022-12-29 08:27:50.000000000 +0100
@@ -1,3 +1,10 @@
+traceroute (1:2.1.0-2+deb11u1) bullseye; urgency=medium
+
+ * Backport upstream fix to interpret ipv4-mapped ipv6 addresses
+ (::ffff:A.B.C.D) as true ipv4.
+
+ -- Laszlo Boszormenyi (GCS) <gcs@debian.org> Thu, 29 Dec 2022 08:27:50 +0100
+
traceroute (1:2.1.0-2) unstable; urgency=low
* Update Standards-Version to 3.9.8 .
diff -Nru traceroute-2.1.0/debian/patches/08-interpret_ipv4-mapped_ipv6_addresses.patch traceroute-2.1.0/debian/patches/08-interpret_ipv4-mapped_ipv6_addresses.patch
--- traceroute-2.1.0/debian/patches/08-interpret_ipv4-mapped_ipv6_addresses.patch 1970-01-01 01:00:00.000000000 +0100
+++ traceroute-2.1.0/debian/patches/08-interpret_ipv4-mapped_ipv6_addresses.patch 2022-12-29 01:32:42.000000000 +0100
@@ -0,0 +1,18 @@
+--- a/traceroute/traceroute.c 2016-03-07 23:17:23.000000000 +0100
++++ b/traceroute/traceroute.c 2022-12-27 01:28:15.000000000 +0100
+@@ -223,6 +223,15 @@
+
+ freeaddrinfo (res);
+
++ /* No v4mapped addresses in real network, interpret it as ipv4 anyway */
++ if (addr->sa.sa_family == AF_INET6 &&
++ IN6_IS_ADDR_V4MAPPED (&addr->sin6.sin6_addr)
++ ) {
++ if (af == AF_INET6) return -1;
++ addr->sa.sa_family = AF_INET;
++ addr->sin.sin_addr.s_addr = addr->sin6.sin6_addr.s6_addr32[3];
++ }
++
+ return 0;
+ }
+
diff -Nru traceroute-2.1.0/debian/patches/series traceroute-2.1.0/debian/patches/series
--- traceroute-2.1.0/debian/patches/series 2016-08-29 17:45:51.000000000 +0200
+++ traceroute-2.1.0/debian/patches/series 2022-12-29 01:34:20.000000000 +0100
@@ -5,3 +5,4 @@
05-manpage-p.patch
06-build.patch
07-reproducible-build.patch
+08-interpret_ipv4-mapped_ipv6_addresses.patch
Reply to: