First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 131631
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 131631 depends on: Show dependency tree
Bug 131631 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-04-28 21:43 0000 
Integer overflow in the receive_xattr function in the extended
attributes patch (xattr.c) for rsync before 2.6.8 might allow
attackers to execute arbitrary code via crafted extended attributes
that trigger a buffer overflow.

------- Comment #1 From Sune Kloppenborg Jeppesen 2006-04-28 21:57:26 0000 ------- 
This is fixed in 2.6.8 which is already in the tree but the advisory is not
public yet.

Arch Security Liaisons please test and mark stable.

------- Comment #2 From Mark Loeser 2006-04-28 23:45:14 0000 ------- 
x86 all done :)

------- Comment #3 From Tobias Scherbaum 2006-04-29 01:55:39 0000 ------- 
ppc stable

------- Comment #4 From Markus Rothe 2006-04-29 02:37:08 0000 ------- 
stable on ppc64

------- Comment #5 From Thomas Cort (RETIRED) 2006-04-29 09:23:51 0000 ------- 
amd64 stable.

------- Comment #6 From Gustavo Zacarias (RETIRED) 2006-04-29 10:10:12 0000 ------- 
sparc stable.

------- Comment #7 From René Nussbaumer 2006-04-29 12:54:43 0000 ------- 
hppa stable

------- Comment #8 From Bryan Østergaard (RETIRED) 2006-04-30 04:34:11 0000 ------- 
Stable on alpha + ia64.

------- Comment #9 From Markus Rothe 2006-05-02 08:47:20 0000 ------- 
jaervosz: this is already stable on ppc64. or do I miss an argument why you
CC'd us again? Please readd, if I missunderstand this...

------- Comment #10 From Thierry Carrez (RETIRED) 2006-05-02 09:17:21 0000 ------- 
Ready for GLSA. For the drafter :

<< The vulnerable function is only present when the rsync binary was compiled
with the configuration option --enable-xattr-support. This is enabled by
default on Fedora Core 5.

Furthermore, for the rsync server daemon to be exploited, an attacker must
have write access to a module on the server. This is due to the vulnerable
code being called only from the recv_file_list() function, which is used
when receiving files from the connected peer. >>

USE=acl triggers the --enable-xattr-support for Gentoo.

------- Comment #11 From Fabian Groffen 2006-05-03 11:59:24 0000 ------- 
rsync has only ~ppc-macos keywords (no stable keyword for any version).  In
package.mask.  Not stabling.

------- Comment #12 From Sune Kloppenborg Jeppesen 2006-05-05 22:03:30 0000 ------- 
GLSA 200605-05

arm, mips, s390 don't forget to mark stable to benefit from the GLSA.

------- Comment #13 From Joshua Kinard 2006-09-04 00:21:43 0000 ------- 
Stable on mips.
First Last Prev Next    No search results available      Search page      Enter new bug