| Summary: | <=net-misc/aria2-0.15.3 Buffer overflow in DHTRoutingTableDeserializer.cc (CVE-2009-{3575,3617}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | dev-zero |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://qa.mandriva.com/show_bug.cgi?id=52840 | | |
| Whiteboard: | B2 [glsa] | | |
| Package list: | | Runtime testing required: | --- |
Description

Alex Legler (RETIRED)

Can we go stable with aria2-1.5.2?

A vulnerability was now found in 1.5.2 as well. Backporting the patch would be fairly simple (as it's only about removing a single line), but I would suggest following upstream and bumping to 1.6.2 and stabilizing that.

CVE-2009-3617 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3617): Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: some of these details are obtained from third party information.

1.6.3 is in the tree, all tests pass.

(In reply to comment #4)
> 1.6.3 is in the tree, all tests pass.
>

Thank you. I just noticed 1.6.2 has been in the tree since 11 Oct as well. Do you want 1.6.2 or 1.6.3 to go stable now?

1.6.3 contains more bugfixes, so go for 1.6.3 if possible.

Arches, please test and mark stable:
=net-misc/aria2-1.6.3
Target keywords : "amd64 x86"

x86 stable

amd64 stable, all arches done. Request filed.

... and vulnerable version is gone.

GLSA 201001-06, thanks everyone.
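Added example, not aria2's code: the bug class the CVE entry above describes, shown as a logger that lets an attacker-controlled download URI become the printf format string, next to the fixed shape that passes the URI as a `%s` argument. The function names, the logger and the sample URI are constructed for illustration and do not come from aria2's sources.

```c
#include <stdarg.h>
#include <stdio.h>

/* Constructed sample: a download URI carrying printf directives, as a
 * remote party could supply one. They are harmless as data and only
 * matter if the string is ever used as a format. */
static const char *const kHostileUri = "http://example.invalid/%s%n%x";

/* Minimal varargs logger: the first argument is a printf format. */
static void log_message(char *out, size_t n, const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
}

/* Vulnerable shape of the bug the CVE entry describes: untrusted text
 * is folded into the format string, so its %s/%n/%x get interpreted
 * with no matching arguments. Deliberately never called here. */
static void on_abort_vulnerable(char *out, size_t n, const char *uri) {
    char fmt[256];
    snprintf(fmt, sizeof fmt, "Aborted: %s", uri);
    log_message(out, n, fmt);
}

/* Fixed shape: the format is a literal and the URI is an argument. */
static void on_abort_fixed(char *out, size_t n, const char *uri) {
    log_message(out, n, "Aborted: %s", uri);
}

/* Count directives printf would act on if a string were used as a
 * format; handy when auditing log call sites. "%%" is a literal. */
static int count_format_directives(const char *s) {
    int count = 0;
    for (; *s; ++s) {
        if (*s != '%') continue;
        if (s[1] == '%') { ++s; continue; }
        ++count;
    }
    return count;
}

int main(void) {
    char buf[512];
    (void)on_abort_vulnerable;  /* referenced only to silence unused warnings */
    on_abort_fixed(buf, sizeof buf, kHostileUri);
    printf("%s\n", buf);   /* directives survive verbatim, uninterpreted */
    printf("directives in URI: %d\n", count_format_directives(kHostileUri));
    return 0;
}
```

The fixed call leaves the three directives in the URI untouched in the log line; the same string fed through the vulnerable path would be parsed as a format with no arguments, which is the crash-or-worse condition the CVE text refers to.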