Bug#: 262997
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Alex Legler <a3li@gentoo.org>

Attachment: net-irc:weechat-0.2.6.1:20090402-210404.log
Type: text/plain
Creator: Markus Meier
Created: 2009-04-03 05:21 0000
Size: 66.17 KB

Description:   Opened: 2009-03-19 08:52 0000
From Secunia:

A vulnerability has been reported in WeeChat, which can be exploited by
malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the handling of IRC
messages containing certain color codes. This can be exploited to crash the
application by sending specially crafted messages to a vulnerable client.

The vulnerability is reported in versions prior to 0.2.6.1.

------- Comment #1 From Stefan Behte 2009-03-19 20:37:37 0000 -------
CVE-2009-0661 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0661):
  Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote
  attackers to cause a denial of service (crash) via a crafted IRC
  message that contains unspecified "special chars."

------- Comment #2 From Raúl Porcel 2009-03-22 16:01:20 0000 -------
In CVS

=net-irc/weechat-0.2.6.1
Arches: amd64 ppc x86

------- Comment #3 From Tobias Heinlein 2009-03-22 18:30:29 0000 -------
amd64 stable

------- Comment #4 From Brent Baude 2009-03-24 18:53:13 0000 -------
ppc done

------- Comment #5 From Markus Meier 2009-04-03 05:21:13 0000 -------
Created an attachment (id=187154) [details]
net-irc:weechat-0.2.6.1:20090402-210404.log

net-irc/weechat-0.2.6.1  USE="perl python spell ssl -debug -lua -ruby"
will fail to build when dev-tex/tex4ht-20081103_p0302 is installed (works fine
w/o this package), tested on amd64/x86. building docs is automagically enabled,
when tex4ht is installed (Build doc..........................: pdf), which
fails:

make[4]: Entering directory
`/var/tmp/portage/net-irc/weechat-0.2.6.1/work/weechat-0.2.6.1/doc/en'
/bin/sh
/var/tmp/portage/net-irc/weechat-0.2.6.1/work/weechat-0.2.6.1/install-sh -d
/var/tmp/portage/net-irc/weechat-0.2.6.1/image//usr/share/doc/weechat/html/en/
/usr/bin/install -c -m 644 html/*
/var/tmp/portage/net-irc/weechat-0.2.6.1/image//usr/share/doc/weechat/html/en/
/usr/bin/install -c -m 644 weechat_quickstart.en.txt
/var/tmp/portage/net-irc/weechat-0.2.6.1/image//usr/share/doc/weechat/
/usr/bin/install -c -m 644 weechat.en.pdf
/var/tmp/portage/net-irc/weechat-0.2.6.1/image//usr/share/doc/weechat/
/usr/bin/install: cannot stat `weechat.en.pdf': No such file or directory
make[4]: *** [install-data-hook] Error 1
make[4]: Leaving directory
`/var/tmp/portage/net-irc/weechat-0.2.6.1/work/weechat-0.2.6.1/doc/en'
make[3]: *** [install-data-am] Error 2
make[3]: Leaving directory
`/var/tmp/portage/net-irc/weechat-0.2.6.1/work/weechat-0.2.6.1/doc/en'
make[2]: *** [install-am] Error 2
make[2]: Leaving directory
`/var/tmp/portage/net-irc/weechat-0.2.6.1/work/weechat-0.2.6.1/doc/en'
make[1]: *** [install-recursive] Error 1
make[1]: Leaving directory
`/var/tmp/portage/net-irc/weechat-0.2.6.1/work/weechat-0.2.6.1/doc'
make: *** [install-recursive] Error 1
 * 
 * ERROR: net-irc/weechat-0.2.6.1 failed.
 * Call stack:
 *               ebuild.sh, line   49:  Called src_install
 *             environment, line  119:  Called die
 * The specific snippet of code:
 *       make DESTDIR="${D}" install || die "make install failed";
 *  The die message:
 *   make install failed

Portage 2.1.6.7 (default/linux/x86/2008.0/desktop, gcc-4.3.2,
glibc-2.8_p20080602-r1, 2.6.28.7 i686)
=================================================================
System uname:
Linux-2.6.28.7-i686-Intel-R-_Core-TM-2_Duo_CPU_T8300_@_2.40GHz-with-glibc2.0
Timestamp of tree: Thu, 02 Apr 2009 19:30:01 +0000
app-shells/bash:     3.2_p39
dev-java/java-config: 1.3.7-r1, 2.1.6-r1
dev-lang/python:     2.4.4-r14, 2.5.2-r7
dev-python/pycrypto: 2.0.1-r6
dev-util/cmake:      2.6.2-r1
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.63
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.27-r2
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /opt/openfire/resources/security/ /opt/openjms/config
/usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/lib/fax
/usr/share/config /var/bind /var/lib/hsqldb /var/spool/fax/etc
/var/spool/torque"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/
/etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/
/etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild
/etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d
/etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="collision-protect distlocks fixpackages parallel-fetch protect-owned
sandbox sfperms strict test unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://distfiles.gentoo.org
http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LDFLAGS="-Wl,-O1"
LINGUAS="en en_GB de"
MAKEOPTS="-j2"
PKGDIR="/mnt/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --stats --timeout=180 --exclude=/distfiles
--exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X acl acpi alsa apache2 avahi berkdb bluetooth branding bzip2 cairo cdr
cli cracklib crypt cups dbus dri dvd dvdr dvdread eds emboss encode esd evo
examples fam firefox fortran gdbm gif gnome gpm gstreamer gtk hal iconv ipv6
isdnlog jpeg kde ldap libnotify mad midi mikmod mp3 mpeg mudflap ncurses nls
nptl nptlonly ogg opengl openmp pam pcre pdf perl png ppds pppd python qt3
qt3support qt4 quicktime readline reflection sdl session source spell spl ssl
startup-notification svg sysfs tcpd test tiff truetype unicode usb vorbis
win32codecs x86 xml xorg xulrunner xv zlib" ALSA_CARDS="ali5451 als4000 atiixp
atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968
fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx
via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop
empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul
mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions
alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file
authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user
autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires
ext_filter file_cache filter headers include info log_config logio mem_cache
mime mime_magic negotiation rewrite setenvif speling status unique_id userdir
usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev"
KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001
mtxorb ncurses text" LINGUAS="en en_GB de" USERLAND="GNU" VIDEO_CARDS="fbdev
glint i810 intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident
vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG,
LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

------- Comment #6 From Markus Meier 2009-04-04 13:28:08 0000 -------
(In reply to comment #5)
this is not a regression, so this should not hold up stabilization here.

------- Comment #7 From Markus Meier 2009-04-04 13:43:25 0000 -------
x86 stable, all arches done.

------- Comment #8 From Tobias Heinlein 2009-04-04 14:50:08 0000 -------
Ready for vote, I vote YES.

------- Comment #9 From Tobias Heinlein 2009-04-04 14:51:54 0000 -------
For the record: The issue mentioned above is bug 248030.

------- Comment #10 From Alex Legler 2009-04-04 15:07:02 0000 -------
YES, too. Filed.

------- Comment #11 From Alex Legler 2009-04-04 17:27:07 0000 -------
GLSA 200904-04. Thanks everyone.
