Summary: | <dev-vcs/cvs-1.12.12-r11: heap-based overflow in client on bad proxy response (CVE-2012-0804) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Petr Pisar <petr.pisar> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | cvs-utils+obsolete |
Priority: | Normal | Flags: | kensington:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa cve cleanup] | ||
Package list: |
=dev-vcs/cvs-1.12.12-r11
|
Runtime testing required: | --- |
Description
Petr Pisar
2012-02-07 19:57:50 UTC
The proposed patch from the Red Hat bug: https://bugzilla.redhat.com/attachment.cgi?id=559993&action=diff&context=patch&collapsed=&headers=1&format=raw CVE-2012-0804 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0804): Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response. We still don't seem to carry the patch for this issue, and I have been unavailable to discover a release containing it. I propose to patch the current CVS version to fix this issue as no new release seems likely at this point. Redhat patch: https://bugzilla.redhat.com/show_bug.cgi?id=784141 Affected versions still in tree with no patch. I've opened a pull request https://github.com/gentoo/gentoo/pull/2627 which in particular adds the redhat patch. Thanks to Felix and everyone involved into the bump! @ Arches, please mark stable: =dev-vcs/cvs-1.12.12-r11 Stable target(s): alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 amd64 stable x86 stable Stable on alpha. arm stable ppc stable ppc64 stable Stable for HPPA. sparc stable ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. New GLSA request filed. This issue was resolved and addressed in GLSA 201701-44 at https://security.gentoo.org/glsa/201701-44 by GLSA coordinator Thomas Deutschmann (whissi). |