From Secunia: A vulnerability has been reported in Git, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an infinite loop when parsing certain additional request parameters. This can be exploited to cause a high CPU load by sending specially crafted requests to an affected git-daemon. The vulnerability is reported in versions 1.4.4.5 through 1.6.3.2. Other versions may also be affected.
See $URL for a patch.
CVE-2009-2108 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2108): git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.
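An added illustration of the bug class the advisory and CVE text describe, not code from git or from this bug report: a parse loop over extra request arguments has to make progress on every argument, including ones it does not recognize. The wire layout (NUL-terminated "key=value" strings packed back to back), the function name and the struct are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* Illustrative parser, not git's daemon.c. Assumed layout: zero or more
 * NUL-terminated "key=value" strings packed back to back in buf[0..len). */
struct extra_args {
    const char *host;   /* value of host=, or NULL if absent */
    int unrecognized;   /* number of arguments skipped as unknown */
    int malformed;      /* 1 if the last argument had no NUL terminator */
};

/* Returns the number of arguments consumed. Every iteration advances p by
 * at least one byte, so the loop is bounded by len whatever the input is. */
int parse_extra_args(const char *buf, size_t len, struct extra_args *out)
{
    const char *p = buf, *end = buf + len;
    int consumed = 0;

    memset(out, 0, sizeof(*out));
    while (p < end && *p) {
        const char *nul = memchr(p, '\0', (size_t)(end - p));
        if (!nul) {                 /* unterminated tail: stop inside the buffer */
            out->malformed = 1;
            break;
        }
        if (strncasecmp(p, "host=", 5) == 0)
            out->host = p + 5;
        else
            out->unrecognized++;    /* unknown key: count it, then skip it */
        /* The advance sits outside the "recognized" branch, so an unknown
         * argument can never leave p where it was. */
        p = nul + 1;
        consumed++;
    }
    return consumed;
}
```

Counting skipped and malformed arguments gives the caller something to log or rate-limit on.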
1.6.3.3 in the tree now. 1.6.3.2 had the vuln as well per Secunia.
Arches, please test and mark stable:
=dev-util/git-1.6.3.3
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
* FAIL 21: git add should fail atomically upon an unreadable file
    git reset --hard && date >foo1 && date >foo2 && chmod 0 foo2 && test_must_fail git add --verbose . && ! ( git ls-files foo1 | grep foo1 )
* ok 7: diff works (commit)
* FAIL 22: git add --ignore-errors
    git reset --hard && date >foo1 && date >foo2 && chmod 0 foo2 && test_must_fail git add --verbose --ignore-errors . && git ls-files foo1 | grep foo1
* FAIL 23: git add (add.ignore-errors)
    git config add.ignore-errors 1 && git reset --hard && date >foo1 && date >foo2 && chmod 0 foo2 && test_must_fail git add --verbose . && git ls-files foo1 | grep foo1
* FAIL 24: git add (add.ignore-errors = false)
    git config add.ignore-errors 0 && git reset --hard && date >foo1 && date >foo2 && chmod 0 foo2 && test_must_fail git add --verbose . && ! ( git ls-files foo1 | grep foo1 )

Portage 2.1.6.13 (default/linux/x86/2008.0/desktop, gcc-4.3.2, glibc-2.9_p20081201-r2, 2.6.29-gentoo-r5 i686)
=================================================================
System uname: Linux-2.6.29-gentoo-r5-i686-Intel-R-_Core-TM-2_Duo_CPU_T8100_@_2.10GHz-with-glibc2.0
Timestamp of tree: Thu, 25 Jun 2009 07:30:01 +0000
app-shells/bash: 3.2_p39
dev-java/java-config: 2.1.7
dev-lang/python: 2.4.6, 2.5.4-r2
dev-python/pycrypto: 2.0.1-r8
dev-util/cmake: 2.6.4
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox: 1.6-r2
sys-devel/autoconf: 2.13, 2.63
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2
sys-devel/binutils: 2.18-r3
sys-devel/gcc-config: 1.4.1
sys-devel/libtool: 1.5.26
virtual/os-headers: 2.6.27-r2
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /opt/openfire/resources/security/ /opt/openjms/config /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LANG="en_EN.UTF8"
LC_ALL="en_US.UTF-8"
LDFLAGS="-Wl,-O1"
LINGUAS="en"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X acl acpi alsa apache apache2 apm bash-completion berkdb bluetooth bootsplash branding bzip2 cairo cdr cdrom cli cracklib crypt css cups curl dbus directfb dri dvd dvdr dvdread dvi eds emacs emboss encode escreen esd evo fam fat fbcon fbcondecor ffmpeg firefox foomatic fortran gdbm gif gnome gpm gstreamer gtk hal iconv imlib ipv6 isdnlog jadetex java5 jpeg jpeg2k kde kpathsea laptop latex ldap libnotify libotf lm_sensors m17n-lib mad midi mikmod mmx mono mp3 mpeg mudflap musicbrainz ncurses nls nptl nptl-only nptlonly ntfs objc ogg opengl openmp openssh pam pcre pdf perl pmu png ppds pppd preview-latex python qt3 qt3support qt4 quicktime readline reflection reports sdl session smp spell spl sqlite sse ssl startup-notification svg svga sysfs t1lib tcpd test-framework tetex theora tiff tk toolkit-scroll-bars truetype unicode usb userlocales vorbis win32codecs wmf x86 xft xml xorg xpm xulrunner xv xvid zlib"
ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci"
ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol"
APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias"
ELIBC="glibc"
INPUT_DEVICES="synaptics mouse keyboard"
KERNEL="linux"
LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text"
LINGUAS="en"
USERLAND="GNU"
VIDEO_CARDS="vesa fbdev intel"
Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
fauli: you ignored the warning at the top of the src_test block: ewarn "You should retest with FEATURES=userpriv!"
It still fails with all USE flags enabled, else it runs fine with FEATURES=userpriv... should I attach the build.log?
fauli: looks like I need to make even more of it depend on FEATURES=userpriv being used. Since it works w/ FEATURES=userpriv and all the USE flags together, you can mark stable in the meantime, I'll tweak the ebuild to require userpriv shortly.
Stable on alpha.
amd64 stable
x86 stable
ppc64 done
ppc done
arm/ia64/s390/sh/sparc stable
I vote YES
YES, too. Request filed.
GLSA 200907-05