Bug 284561 (CVE-2008-7159)

Comment 1 Alex Legler (RETIRED) 2009-09-11 08:29:52 UTC

CVE-2008-7159 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-7159):
  The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in
  Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows
  remote attackers to overwrite a stack location and possibly execute
  arbitrary code via a crafted OID value, related to incorrect use of a
  %lu format string.

CVE-2008-7160 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-7160):
  The silc_http_server_parse function in lib/silchttp/silchttpserver.c
  in the internal HTTP server in silcd in Secure Internet Live
  Conferencing (SILC) Toolkit before 1.1.9 allows remote attackers to
  overwrite a stack location and possibly execute arbitrary code via a
  crafted Content-Length header, related to incorrect use of a %lu
  format string.

CVE-2009-3051 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3051):
  Multiple format string vulnerabilities in
  lib/silcclient/client_entry.c in Secure Internet Live Conferencing
  (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow
  remote attackers to execute arbitrary code via format string
  specifiers in a nickname field, related to the (1)
  silc_client_add_client, (2) silc_client_update_client, and (3)
  silc_client_nickname_format functions.

Comment 2 Alex Legler (RETIRED) 2009-09-11 08:35:05 UTC

*** Bug 280474 has been marked as a duplicate of this bug. ***

Comment 3 Alex Legler (RETIRED) 2009-09-11 08:38:35 UTC

CVE-2009-3163 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3163):
  Multiple format string vulnerabilities in lib/silcclient/command.c in
  Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and
  SILC Client 1.1.8 and earlier, allow remote attackers to execute
  arbitrary code via format string specifiers in a channel name,
  related to (1) silc_client_command_topic, (2)
  silc_client_command_kick, (3) silc_client_command_leave, and (4)
  silc_client_command_users.

Comment 4 Stefan Behte (RETIRED) 2009-11-06 15:22:11 UTC

net-irc: *ping*

Comment 5 Lars Wendler (Polynomial-C) (RETIRED) 2010-04-17 19:29:47 UTC

+*silc-toolkit-1.1.10 (17 Apr 2010)
+
+  17 Apr 2010; Lars Wendler <polynomial-c@gentoo.org>
+  +silc-toolkit-1.1.10.ebuild:
+  non-maintainer commit: version bump for security bug #284561
+  Converted ebuild to EAPI-2 and did some cleanups but there are still some
+  QA warnings about LDFLAGS.
+

Comment 6 Lars Wendler (Polynomial-C) (RETIRED) 2010-04-21 19:50:07 UTC

*silc-client-1.1.8 (19 Apr 2010)

  19 Apr 2010; Lars Wendler <polynomial-c@gentoo.org>
  +silc-client-1.1.8.ebuild, +files/silc-client-1.1.8-docdir.patch:
  non-maintainer commit: version bump for security bug #284561
  Converted ebuild to EAPI-2 and did some cleanups but there are still some
  QA warnings about LDFLAGS.

Comment 7 Alex Legler (RETIRED) 2010-04-21 19:53:09 UTC

Arches, please test and mark stable:
=net-im/silc-toolkit-1.1.10
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"

=net-im/silc-client-1.1.8
Target keywords : "amd64 ppc sparc x86"

Comment 8 Andreas Schürch 2010-04-22 07:28:03 UTC

I tested both packages on x86, they seem to be fine.

Comment 9 Christian Faulhammer (RETIRED) 2010-04-22 12:12:42 UTC

x86 stable

Comment 10 Jeroen Roovers (RETIRED) 2010-04-23 14:39:08 UTC

Stable for HPPA.

Comment 11 Raúl Porcel (RETIRED) 2010-04-23 19:46:28 UTC

alpha/arm/ia64/sparc stable

Comment 12 Markus Meier 2010-04-26 19:04:30 UTC

amd64 stable

Comment 13 Brent Baude (RETIRED) 2010-04-30 14:38:38 UTC

ppc done

Comment 14 Brent Baude (RETIRED) 2010-04-30 14:42:30 UTC

ppc64 done too

Comment 15 Stefan Behte (RETIRED) 2010-05-22 11:18:22 UTC

glsa request filed

Comment 16 Alex Legler (RETIRED) 2010-06-02 21:26:32 UTC

GLSA 201006-07