Summary: | app-crypt/mit-krb5 buffer overflow in telnet client | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | kerberos, rphillips | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | All | ||||||
URL: | http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt | ||||||
Whiteboard: | B2 [glsa] koon | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2005-03-29 10:43:39 UTC
*** Bug 85461 has been marked as a duplicate of this bug. *** Created attachment 54784 [details, diff]
Backported patch to 1.3.6
Backported patch for testing
I have added a backported patch for the 1.3.6 branch for testing and verification. Comments please. Audit please verify. Ryan: backport looks ok, please commit as 1.3.6-r2 Ryan/kerberos-herd: please commit the patch Patch has been committed to the -r2 ebuild. Arches, please test 1.3.6-r2 (especially the telnet client) and mark stable Stable on ppc. problems with src_test on amd64 x86_64-pc-linux-gnu-gcc -L../../../lib -Wl,-rpath -Wl,/usr/lib -O2 -march=k8 -pipe -o dbtest dbtest.o -ldb LD_LIBRARY_PATH=`echo -L../../../lib | sed -e "s/-L//g" -e "s/ /:/g"`; export LD_LIBRARY_PATH; srcdir=. TMPDIR=. /bin/sh ./run.test Test 1: btree, hash: small key, small data pairs test1: type hash: failed make[3]: *** [check] Error 1 make[3]: Leaving directory `/var/tmp/portage/mit-krb5-1.3.6-r2/work/krb5-1.3.6/src/util/db2/test' make[2]: *** [check-recurse] Error 1 make[2]: Leaving directory `/var/tmp/portage/mit-krb5-1.3.6-r2/work/krb5-1.3.6/src/util/db2' make[1]: *** [check-recurse] Error 1 make[1]: Leaving directory `/var/tmp/portage/mit-krb5-1.3.6-r2/work/krb5-1.3.6/src/util' make: *** [check-recurse] Error 1 !!! ERROR: app-crypt/mit-krb5-1.3.6-r2 failed. !!! Function src_test, Line 566, Exitcode 0 !!! Make check failed. See above for details. !!! If you need support, post the topmost build error, NOT this status message. --------- Portage 2.0.51.19 (default-linux/amd64/2004.3, gcc-3.4.3, glibc-2.3.4.20040808-r1, 2.6.11-gentoo-r5 x86_64) ================================================================= System uname: 2.6.11-gentoo-r5 x86_64 AMD Athlon(tm) 64 Processor 3500+ Gentoo Base System version 1.4.16 Python: dev-lang/python-2.3.4-r1,dev-lang/python-2.4 [2.4 (#1, Jan 10 2005, 21:27:20)] dev-lang/python: 2.3.4-r1, 2.4 sys-devel/autoconf: 2.59-r6, 2.13 sys-devel/automake: 1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.4 sys-devel/binutils: 2.15.92.0.2-r1, 2.15.92.0.2-r2 sys-devel/libtool: 1.5.10-r4 virtual/os-headers: 2.6.8.1-r4 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CFLAGS="-O2 -march=k8 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -march=k8 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs autoconfig cvs distlocks fixpackages maketest manifest sandbox sfperms sign strict test userpriv usersandbox" GENTOO_MIRRORS="ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://pandemonium.tiscali.de/pub/gentoo/" LANG="en_US.utf8" LC_ALL="en_US.utf8" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage-cvs/gentoo-x86 /usr/local/portage-cvs/gentoo-java-experimental" SYNC="rsync://10.0.0.2/portage" USE="X aalib acpi adns alsa amd64 apache avi berkdb bitmap-fonts bzlib cdr crypt cups curl dba directfb divx4linux dvd dvdr emul-linux-x86 encode esd flac font-server foomaticdb fortran ftp gcj gd gdbm ggi gif gimpprint gpm gtk gtk2 guile icq imagemagick imap imlib ipv6 jack java jikes jp2 jpeg junit ldap libwww lzw lzw-tiff mad mbox mikmod mp3 mpeg multislot mysql nas ncurses nls nptl oggvorbis openal opengl oss pam pcre pdflib perl pic png python quicktime readline ruby samba sdl speex sqlite ssl svg tcpd tetex tiff truetype truetype-fonts type1-fonts unicode usb userlocales wmf xml xml2 xmms xosd xpm xrandr xv xvid zlib" Unset: ASFLAGS, CBUILD, CTARGET, LDFLAGS sparc-tastic! stable on ppc64 luckyduck: could you doublecheck if it's a regression or not ? If the current amd64 stable version displays the same src_test errors (i.e. it's a bug, but not a regression), then please mark stable, we need it for security. If previous version was alright, it's of course different... Stable on mips. stable on amd64, latest stable version has the same problems Stable on alpha. GLSA 200504-04 arm hppa ia64 s390: please mark stable to benefit from GLSA Already stable on hppa |