Summary: | <net-misc/curl-7.29.0-r1: "Curl_sasl_create_digest_md5_message()" Buffer Overflow Vulnerability (CVE-2013-0249) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | blueness, gregkh, steffen.weber |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/52103/ | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-02-07 19:12:38 UTC
I just added 7.29.0 to the tree. (In reply to comment #1) > I just added 7.29.0 to the tree. Thanks, Anthony. May we proceed to stabilize =net-misc/curl-7.29.0-r1 ? (In reply to comment #2) > (In reply to comment #1) > > I just added 7.29.0 to the tree. > > Thanks, Anthony. May we proceed to stabilize =net-misc/curl-7.29.0-r1 ? Yes. KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" ppc done Stable for HPPA. amd64 stable arm stable ppc64 stable alpha stable ia64 stable x86 stable sparc stable s390 stable sh stable New GLSA draft filed. CVE-2013-0249 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0249): Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message. Why is this bug still open? <net-misc/curl-7.29.0-r1 is off the tree and glsa is filed. (In reply to Anthony Basile from comment #17) > Why is this bug still open? <net-misc/curl-7.29.0-r1 is off the tree and > glsa is filed. Anthony until GLSA is published, the bug needs to stay in GLSA status: https://wiki.gentoo.org/wiki/Project:Security/GLSA_Coordinator_Guide#Bugs_in_.5Bglsa.5D_status This issue was resolved and addressed in GLSA 201401-14 at http://security.gentoo.org/glsa/glsa-201401-14.xml by GLSA coordinator Sergey Popov (pinkbyte). |