193095 2007-09-19 17:13 0000 net-libs/opal <2.2.11 dev-libs/pwlib: Two DoS vulnerabilitues in Ekiga (CVE-2007-{4897,4924}) 2007-10-17 22:16:46 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html B3 [noglsa] P2 minor --- 1 rbu@gentoo.org security@gentoo.org cycloon@is-root.org gentoo-bug@capitanio.org voip@gentoo.org rbu@gentoo.org 2007-09-19 17:13:26 0000 From RedHat: José Miguel Esparza discovered that insufficient input validation is performed on SIP protocol header field 'Content-Length' by opal library used by ekiga. This flaw can be used to write '\0' byte to attacker-controlled address and crash ekiga. Ekiga 2.0.10 using opal library 2.2.10 was released to address this issue. I am not aware whether the versions in our tree are affected, the patch linked to at the RedHat bug references a code that is not in in opal-2.2.8. ( https://bugzilla.redhat.com/296371 ) rbu@gentoo.org 2007-09-19 17:14:52 0000 Whiteboard and cc'ing maintainers. voip, please advise and patch as necessary. rbu@gentoo.org 2007-09-24 22:10:32 0000 voip, please advise. jakub@gentoo.org 2007-10-01 19:37:50 0000 *** Bug 194434 has been marked as a duplicate of this bug. *** rbu@gentoo.org 2007-10-02 08:02:25 0000 voip, please advise. jakub@gentoo.org 2007-10-08 08:08:08 0000 *** Bug 195068 has been marked as a duplicate of this bug. *** gentoo-bug@capitanio.org 2007-10-08 08:47:15 0000 (In reply to comment #5) > *** Bug 195068 has been marked as a duplicate of this bug. *** > that is not "a duplicate of this bug", but actually a small patch and ebuild bump for ekiga-2.0.11 (Jakube, as http://bugs.gentoo.org/buglist.cgi?quicksearch=%23ekiga does't list it, nobody can probably find it.) fauli@gentoo.org 2007-10-08 15:36:45 0000 2.0.11 for both are in the tree rbu@gentoo.org 2007-10-08 22:08:53 0000 Created an attachment (id=132965) pwlib-1.10.1-vsprintf.patch RedHat issued a pwlib advisory for CVE-2007-4897. The CVE info states that Ekiga after 2.0.5 is not affected, which is false according to their bug. https://bugzilla.redhat.com/292831 I'll attach the patch that was also applied to pwlib upstream, we should include this. Sorry I didn't notice earlier. rbu@gentoo.org 2007-10-09 21:17:57 0000 updated pwlib is in the tree now. Arches, please test and mark stable: * dev-libs/pwlib-1.10.10-r1 * net-libs/opal-2.2.6 * net-im/ekiga-2.0.11 Targets are: "alpha amd64 hppa ia64 ppc ppc64 sparc x86" Please also test that the new pwlib also works with its other rrdeps. fauli@gentoo.org 2007-10-10 05:57:53 0000 (In reply to comment #9) > Arches, please test and mark stable: > * net-libs/opal-2.2.6 I think you mean opal 2.2.11? fauli@gentoo.org 2007-10-10 08:11:44 0000 x86 stable rbu@gentoo.org 2007-10-10 08:39:17 0000 (In reply to comment #10) > (In reply to comment #9) > > Arches, please test and mark stable: > > * net-libs/opal-2.2.6 > > I think you mean opal 2.2.11? Yes, my bad. jer@gentoo.org 2007-10-10 16:55:57 0000 Stable for HPPA. kingtaco@gentoo.org 2007-10-11 07:07:28 0000 * dev-libs/pwlib-1.10.10-r1 * net-libs/opal-2.2.6 * net-im/ekiga-2.0.11 amd64 stable rbu@gentoo.org 2007-10-11 09:37:47 0000 (In reply to comment #14) > * dev-libs/pwlib-1.10.10-r1 > * net-libs/opal-2.2.6 > * net-im/ekiga-2.0.11 > > amd64 stable net-libs/opal-2.2.11 please. That was a typo up there. corsair@gentoo.org 2007-10-11 09:44:19 0000 ppc64 stable armin76@gentoo.org 2007-10-11 18:40:48 0000 alpha/ia64/sparc stable rbu@gentoo.org 2007-10-11 20:23:11 0000 amd64 done here. dertobi123@gentoo.org 2007-10-12 16:03:29 0000 ppc stable, ready for glsa-voting jaervosz@gentoo.org 2007-10-17 18:36:14 0000 I vote NO. py@gentoo.org 2007-10-17 22:16:46 0000 voting no too, and closing. 132965 2007-10-08 22:08 0000 pwlib-1.10.1-vsprintf.patch pwlib-1.10.1-vsprintf.patch text/plain LS0tIHNyYy9wdGxpYi9jb21tb24vY29udGFpbi5jeHgub3JpZwkyMDA1LTExLTMwIDEzOjQ3OjQx LjAwMDAwMDAwMCArMDEwMAorKysgc3JjL3B0bGliL2NvbW1vbi9jb250YWluLmN4eAkyMDA3LTA5 LTI3IDEwOjAxOjQ5LjAwMDAwMDAwMCArMDIwMApAQCAtMjQ2NSw3ICsyNDY1LDcgQEAgUFN0cmlu ZyAmIFBTdHJpbmc6OnZzcHJpbnRmKGNvbnN0IGNoYXIgKgogICBQQXNzZXJ0KFNldFNpemUoMjAw MCksIFBPdXRPZk1lbW9yeSk7CiAgIDo6dnNwcmludGYodGhlQXJyYXkrbGVuLCBmbXQsIGFyZyk7 CiAjZWxzZQotICBQSU5ERVggc2l6ZSA9IDA7CisgIFBJTkRFWCBzaXplID0gbGVuOwogICBkbyB7 CiAgICAgc2l6ZSArPSAxMDAwOwogICAgIFBBc3NlcnQoU2V0U2l6ZShzaXplKSwgUE91dE9mTWVt b3J5KTsK