[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1036909: marked as done (unblock: sofia-sip/1.12.11+20110422.1+1e14eea~dfsg-6)

Your message dated Thu, 1 Jun 2023 10:43:46 +0200
with message-id <3a66e770-dd69-4f5e-e0a4-5f0a84aa0cdb@debian.org>
and subject line Re: Bug#1036909: unblock: sofia-sip/1.12.11+20110422.1+1e14eea~dfsg-6
has caused the Debian Bug report #1036909,
regarding unblock: sofia-sip/1.12.11+20110422.1+1e14eea~dfsg-6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1036909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036909
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: sofia-sip@packages.debian.org
Control: affects -1 + src:sofia-sip

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Please unblock package sofia-sip

I was made aware of another CVE in sofia-sips STUN handling
and have made an upload (debdiff attached) to sid.

Thanks in advance.

PS: I was told I can do it until 12:00 CEST :))


unblock sofia-sip/1.12.11+20110422.1+1e14eea~dfsg-6


-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEuThlVLfdJmvLjimpkPDJsYprShkFAmR0dcMACgkQkPDJsYpr
ShmYKw/9Eyjl90pBOM3PRe15EzUhfL1L047bN73goqIuYgfqXOzSBSg/7agi07ux
JmefVPpilU/tTjtA6We+E7uU26ik41WpNeydgznY495Y1ijy0FZXAazJ8iThVNqL
BQWmY0jUITgUhYnpRke+mfQjvhIIibWN22k33aHb37u+WVsao/LYLJw90SseC3zp
mGd1oiFzP8WDMhUpH8RgDaecI8Uw2nygXKVQxGhXFOnXIgSffQvfLVgS95C2h1SF
9nNIUoKeQgcyw9cqwK+xAlQHFGnS72x+oF3sX289hQcXgPdeyxnLGdukUvCBxWgH
GlQ+etTXHzaNeNScCfMJArrSSk2fIxdkR+NcGbGS7nDbKC8ztpYOEeOpM5vR23WK
0gqLeb+VOApwZpE0HdNbXvSHrF1xOs8EyqsTl51lTfRIO++kf3S99Se7tdP1+PQL
8IpQXZQxeL9hcz8EXZMyNZIvVDLcJ8068W6IajD71rapGWSVW+VlPGbCDOpOpJLl
GQiK8+6QQhHmaWOyjzQxxKrjLdsac3JZQn25dinrRIIyBdzrvolPiaoTxFHeBYlQ
YguSjrUf38NOeZj0psL8sQPR+HPG3esGZltN5gqnChIm8k0qYDdPD0Bvmm67mH1J
+L+j3hM8uD84sY0HXRbSlaQBv65e48YtgPJNllzAKW43TWoC7io=
=Lb2h
-----END PGP SIGNATURE-----

diff -Nru sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/changelog sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/changelog
--- sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/changelog	2023-05-23 05:53:48.000000000 +0200
+++ sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/changelog	2023-05-29 11:36:38.000000000 +0200
@@ -1,3 +1,13 @@
+sofia-sip (1.12.11+20110422.1+1e14eea~dfsg-6) unstable; urgency=medium
+
+  * Add patch to fix reported CVE-2023-32307.
+    For further information see:
+    - CVE-2023-32307[0]
+    [0] https://security-tracker.debian.org/tracker/CVE-2023-32307
+    	https://www.cve.org/CVERecord?id=CVE-2023-32307 (closes: bug#1036847)
+
+ -- Evangelos Ribeiro Tzaras <devrtz-debian@fortysixandtwo.eu>  Mon, 29 May 2023 11:36:38 +0200
+
 sofia-sip (1.12.11+20110422.1+1e14eea~dfsg-5) unstable; urgency=medium
 
   * Add patch to fix reported CVE; add copyright of patch.
diff -Nru sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/0008-stun-add-checks-for-attribute-length-before-read-fro.patch sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/0008-stun-add-checks-for-attribute-length-before-read-fro.patch
--- sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/0008-stun-add-checks-for-attribute-length-before-read-fro.patch	1970-01-01 01:00:00.000000000 +0100
+++ sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/0008-stun-add-checks-for-attribute-length-before-read-fro.patch	2023-05-29 11:31:03.000000000 +0200
@@ -0,0 +1,36 @@
+From: Xu Biang <xubiang@hust.edu.cn>
+Date: Sat, 6 May 2023 05:51:55 +0800
+Subject: stun: add checks for attribute length before read from it
+
+(cherry picked from commit c3bbc50c88d168065de34ca01b9b1d98c1b0e810)
+---
+ libsofia-sip-ua/stun/stun_common.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/libsofia-sip-ua/stun/stun_common.c b/libsofia-sip-ua/stun/stun_common.c
+index 93b53ec..5540d16 100644
+--- a/libsofia-sip-ua/stun/stun_common.c
++++ b/libsofia-sip-ua/stun/stun_common.c
+@@ -250,6 +250,10 @@ int stun_parse_attr_error_code(stun_attr_t *attr, const unsigned char *p, unsign
+   uint32_t tmp;
+   stun_attr_errorcode_t *error;
+ 
++  if (len < 4) {
++    return -1;
++  }
++
+   memcpy(&tmp, p, sizeof(uint32_t));
+   tmp = ntohl(tmp);
+   error = (stun_attr_errorcode_t *) malloc(sizeof(*error));
+@@ -271,6 +275,11 @@ int stun_parse_attr_uint32(stun_attr_t *attr, const unsigned char *p, unsigned l
+ {
+   uint32_t tmp;
+   stun_attr_changerequest_t *cr;
++
++  if (len < 4) {
++    return -1;
++  }
++
+   cr = (stun_attr_changerequest_t *) malloc(sizeof(*cr));
+   memcpy(&tmp, p, sizeof(uint32_t));
+   cr->value = ntohl(tmp);
diff -Nru sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/series sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/series
--- sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/series	2023-05-23 05:53:48.000000000 +0200
+++ sofia-sip-1.12.11+20110422.1+1e14eea~dfsg/debian/patches/series	2023-05-29 11:31:03.000000000 +0200
@@ -5,3 +5,4 @@
 0003-cve-fix-heap-overflow-by-two.patch
 0004-cve-check-stun-message-and-attr-len.patch
 0005-cve-dos-wrong-assert.patch
+0008-stun-add-checks-for-attribute-length-before-read-fro.patch

--- End Message ---
--- Begin Message --- 
Hi,

On 29-05-2023 11:52, Evangelos Ribeiro Tzaras wrote:

PS: I was told I can do it until 12:00 CEST :))


on *28* of May.


unblock sofia-sip/1.12.11+20110422.1+1e14eea~dfsg-6


anyways, unblocked.

Paul

Attachment: OpenPGP_signature
Description: OpenPGP digital signature


--- End Message ---
Reply to: