760714 – (CVE-2020-26566) <media-video/motion-4.3.2: segmentation fault via crafted HTTP request (CVE-2020-26566)

Bug 760714 (CVE-2020-26566) - <media-video/motion-4.3.2: segmentation fault via crafted HTTP request (CVE-2020-26566)

Summary: <media-video/motion-4.3.2: segmentation fault via crafted HTTP request (CVE-2...

Status:	RESOLVED FIXED

Alias:	CVE-2020-26566

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:	https://github.com/Motion-Project/mot...
Whiteboard:	B3 [glsa+]
Keywords:

Depends on:
Blocks:

Reported:	2020-12-19 09:04 UTC by John Helmert III
Modified:	2022-08-10 22:34 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2020-12-19 09:04:16 UTC

CVE-2020-26566 (https://github.com/Motion-Project/motion/issues/1227):

A Denial of Service condition in Motion-Project Motion 3.2 through 4.3.1 allows remote unauthenticated users to cause a webu.c segmentation fault and kill the main process via a crafted HTTP request.


Maintainers, please let us know when ready to stable.

Comment 1 Johannes Willem (Hans) Fernhout 2020-12-29 09:54:57 UTC

The differences between 4.3.2 and 4.3.1 are only two bug fixes, including a fix for this CVE.

Suggest to stabilize 4.3.2, and mask 4.3.1.

Comment 2 Sam James archtester

2020-12-31 04:13:14 UTC

(In reply to Johannes Willem (Hans) Fernhout from comment #1)
> The differences between 4.3.2 and 4.3.1 are only two bug fixes, including a
> fix for this CVE.
> 
> Suggest to stabilize 4.3.2, and mask 4.3.1.

Thanks!

Comment 3 Sam James archtester

2021-01-01 23:00:19 UTC

amd64 done

Comment 4 Sam James archtester

2021-01-04 09:32:14 UTC

x86 done

all arches done

Comment 5 Sam James archtester

2021-01-04 09:33:15 UTC

Please cleanup, thanks!

Comment 6 NATTkA bot gentoo-dev

2021-04-14 10:00:25 UTC Comment hidden (obsolete)

Unable to check for sanity:

> no match for package: media-video/motion-4.3.2

Comment 7 Larry the Git Cow gentoo-dev

2021-04-14 14:44:03 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c500354ad3a2355db99d0cef849f0b7ba9b79dc

commit 6c500354ad3a2355db99d0cef849f0b7ba9b79dc
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2021-04-14 14:36:32 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2021-04-14 14:43:43 +0000

    media-video/motion: security cleanup (drop <4.3.1)
    
    Bug: https://bugs.gentoo.org/760714
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 media-video/motion/Manifest              |   1 -
 media-video/motion/files/motion.confd-r4 |  28 --------
 media-video/motion/files/motion.initd-r4 |  30 ---------
 media-video/motion/motion-4.3.1.ebuild   | 107 -------------------------------
 4 files changed, 166 deletions(-)

Comment 8 NATTkA bot gentoo-dev

2021-07-29 17:24:57 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 9 NATTkA bot gentoo-dev

2021-07-29 17:33:28 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 10 NATTkA bot gentoo-dev

2021-07-29 17:41:21 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 11 NATTkA bot gentoo-dev

2021-07-29 17:49:30 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 12 NATTkA bot gentoo-dev

2021-07-29 18:05:25 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 13 NATTkA bot gentoo-dev

2021-07-29 18:13:43 UTC

Package list is empty or all packages have requested keywords.

Comment 14 John Helmert III archtester

2022-08-10 18:49:25 UTC

GLSA request filed

Comment 15 Larry the Git Cow gentoo-dev

2022-08-10 22:33:41 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=a16853d3c1571d38169ea77acb931f5924d5abfe

commit a16853d3c1571d38169ea77acb931f5924d5abfe
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-10 22:31:25 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-08-10 22:33:20 +0000

    [ GLSA 202208-18 ] Motion: Denial of service
    
    Bug: https://bugs.gentoo.org/760714
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202208-18.xml | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

Comment 16 John Helmert III archtester

2022-08-10 22:34:45 UTC

GLSA released, all done!