Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 180203
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Diego E. 'Flameeyes' Pettenò <flameeyes@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 180203 depends on: 180117 Show dependency tree
Bug 180203 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-05-29 10:45 0000 
Florian Steinel reported this to me as I didn't know about it at all; I'll look
into backporting the fixes to 0.9.5, but I'm not really sure if that's
feasible, considering the sheer quantity.

Security team please advise.

Thanks in Advance,
Diego

------- Comment #1 From Diego E. 'Flameeyes' Pettenò 2007-05-29 11:17:47 0000 ------- 
I've added pulseaudio-0.9.5-r5 with a patch that should fix all the
vulnerabilities. There should be no problem with that going stable, as 0.9.6
stable right now is not something I'd like to see myself.

------- Comment #2 From Sune Kloppenborg Jeppesen 2007-05-30 05:58:56 0000 ------- 
Thx Diego!

Arches please test and mark stable. Target keywords are:

pulseaudio-0.9.5-r5.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 sh
sparc x86 ~x86-fbsd"

------- Comment #3 From Andrej Kacian (RETIRED) 2007-05-30 09:54:42 0000 ------- 
Looks like it's not all fixed:

ticho@hiker ~ $ ps ax | grep pulse
29103 ?        Ss     0:00 /usr/bin/pulseaudio --log-target=syslog
--disallow-module-loading=1 --system --fail=1 --daemonize=1 --system
29118 pts/3    R+     0:00 grep --colour=auto pulse
ticho@hiker ~ $ ./p 1 localhost

Pulseaudio <= 0.9.5 (rev 1437) termination 0.1
by Luigi Auriemma
e-mail: aluigi@autistici.org
web:    aluigi.org

- check localhost
- connect to 127.0.0.1:4713
- check if the server is still up:

  Server doesn't seem vulnerable

ticho@hiker ~ $ ./p 2 localhost

Pulseaudio <= 0.9.5 (rev 1437) termination 0.1
by Luigi Auriemma
e-mail: aluigi@autistici.org
web:    aluigi.org

- check localhost
- connect to 127.0.0.1:4713
- check if the server is still up:

  Server IS vulnerable!!!

ticho@hiker ~ $ ps ax | grep pulse
29126 pts/3    S+     0:00 grep --colour=auto pulse
ticho@hiker ~ $ 


The "p" binary comes from compiling the pulsex.zip source at
http://aluigi.org/poc/pulsex.zip

------- Comment #4 From Andrej Kacian (RETIRED) 2007-05-30 09:59:17 0000 ------- 
Oh, and of course:

ticho@hiker ~ $ emerge -pv pulseaudio --nodeps

These are the packages that would be merged, in order:

[ebuild   R   ] media-sound/pulseaudio-0.9.5-r5  USE="X alsa hal oss tcpd
-avahi -caps -jack -lirc" 0 kB 

Total: 1 package (1 reinstall), Size of downloads: 0 kB

------- Comment #5 From Sune Kloppenborg Jeppesen 2007-05-30 12:23:55 0000 ------- 
Back to ebuild.

------- Comment #6 From Diego E. 'Flameeyes' Pettenò 2007-05-30 15:06:51 0000 ------- 
Sigh, I missed one revision; I've bumped to -r6 and should be fine now; I
probably forgot to restart pulseaudio when I testcased the patch (and I had
0.9.6 running).

------- Comment #7 From Sune Kloppenborg Jeppesen 2007-05-30 17:25:28 0000 ------- 
Thx Diego and Ticho for checking.

Please test and mark stable. Target keywords are:

pulseaudio-0.9.5-r6.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 sh
sparc x86 ~x86-fbsd"

------- Comment #8 From Gustavo Zacarias (RETIRED) 2007-05-30 18:40:13 0000 ------- 
sparc stable.

------- Comment #9 From René Nussbaumer 2007-05-30 20:52:34 0000 ------- 
stable on hppa

------- Comment #10 From Andrej Kacian (RETIRED) 2007-05-30 21:25:52 0000 ------- 
Gah, back from work at last. -r6 looks good, marked stable on x86.

------- Comment #11 From Peter Weller 2007-06-01 08:14:33 0000 ------- 
amd64 done

------- Comment #12 From Markus Rothe 2007-06-02 08:07:24 0000 ------- 
ppc64 stable

------- Comment #13 From René Nussbaumer 2007-06-02 18:57:47 0000 ------- 
forgot to take a note about the ppc stablize. Done that now.

------- Comment #14 From Raúl Porcel 2007-06-02 21:08:43 0000 ------- 
alpha/ia64 stable

------- Comment #15 From Sune Kloppenborg Jeppesen 2007-06-03 06:32:58 0000 ------- 
This one is ready for GLSA vote. I vote NO.

------- Comment #16 From Stefan Cornelius (RETIRED) 2007-06-03 09:25:37 0000 ------- 
voting NO.
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug