Summary: | <net-misc/quagga-1.1.0-r2: denial of service vulnerability in BGP routing daemon (CVE-2016-4049) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | pinkbyte, tobias.pal |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1331372 | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: |
=net-misc/quagga-1.1.0-r2
=dev-libs/protobuf-c-1.1.1 hppa
=dev-libs/protobuf-2.6.1-r3 hppa
=dev-python/google-apputils-0.4.2-r1 hppa
|
Runtime testing required: | Yes |
Bug Depends on: | 603430 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2016-04-29 11:33:10 UTC
@ Maintainer(s): Please bump to v1.0.20161017 which does contain
> commit 7da28be5bafb31af75f796abb04aa1d09276d66d
> Author: Evgeny Uskov
> Date: Wed Jan 13 13:58:00 2016 +0300
>
> bgpd: Fix buffer overflow error in bgp_dump_routes_func
>
> Now if the number of entries for some prefix is too large, multiple
> TABLE_DUMP_V2 records are created. In the previous version in such
> situation bgpd crashed with SIGABRT.
which will fix this vulnerability.
Quagga 1.0.20161017 was released on 17th October and contains only a handful of commits which are all fixes[1], so it would be really nice to have it updated. [1] https://savannah.nongnu.org/forum/forum.php?forum_id=8708 This vulnerability was fixed in currently unstable quagga-1.1-r1 Arches, please test and mark stable =net-misc/quagga-1.1-r1 Target keywords: alpha amd64 arm hppa ppc sparc x86 (In reply to Sergey Popov from comment #3) > This vulnerability was fixed in currently unstable quagga-1.1-r1 > > Arches, please test and mark stable =net-misc/quagga-1.1-r1 > > Target keywords: alpha amd64 arm hppa ppc sparc x86 Arches, please test and mark stable =net-misc/quagga-1.1.0-r1 Target keywords: alpha amd64 arm hppa ppc sparc x86 CVE-2016-4049 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4049): The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet. An automated check of this bug failed - the following atom is unknown: net-misc/quagga-1.1-r1 Please verify the atom list. Stable on alpha. Stable on amd64. An automated check of this bug failed - the following atom is unknown: net-misc/quagga-1.1-r1 Please verify the atom list. An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad net-misc/quagga/quagga-1.1.0-r1.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['dev-libs/protobuf:0=']
> dependency.bad net-misc/quagga/quagga-1.1.0-r1.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['dev-libs/protobuf:0=']
An automated check of this bug failed - the following atom is unknown: net-misc/quagga-1.1.0-r2 Please verify the atom list. x86 stable An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad net-misc/quagga/quagga-1.1.0-r2.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['dev-libs/protobuf-c:0=']
> dependency.bad net-misc/quagga/quagga-1.1.0-r2.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['dev-libs/protobuf-c:0=']
arm stable An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad net-misc/quagga/quagga-1.1.0-r2.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['dev-libs/protobuf-c:0=']
> dependency.bad net-misc/quagga/quagga-1.1.0-r2.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['dev-libs/protobuf-c:0=']
@ HPPA AT: You need to stabilize =dev-libs/protobuf-c-1.1.1 and =dev-libs/protobuf-2.6.1-r3 as well (bug 603430, added to this list because it looks like that the new stabilization bot helper doesn't recognize that the bug is only assigned to hppa). An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad dev-libs/protobuf/protobuf-2.6.1-r3.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['dev-python/google-apputils[python_targets_python2_7(-)?,-python_single_target_python2_7(-)]']
An automated check of this bug failed - repoman reported dependency errors:
> dependency.bad dev-python/google-apputils/google-apputils-0.4.2-r1.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=dev-python/python-gflags-1.4[python_targets_python2_7(-)?,-python_single_target_python2_7(-)]', 'dev-python/mox[python_targets_python2_7(-)?,-python_single_target_python2_7(-)]']
> dependency.bad dev-python/google-apputils/google-apputils-0.4.2-r1.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=dev-python/python-gflags-1.4[python_targets_python2_7(-)?,-python_single_target_python2_7(-)]']
Stable for HPPA. An automated check of this bug succeeded - the previous repoman errors are now resolved. ppc stable sparc stable. Maintainer(s), please cleanup. Security, please vote. This issue was resolved and addressed in GLSA 201701-48 at https://security.gentoo.org/glsa/201701-48 by GLSA coordinator Aaron Bauman (b-man). reopened for cleanup. @maintainer, please clean the vulnerable version or let us know if a security mask is needed. Cleanup is done, thanks guys |