Bug 467908 (CVE-2013-2298) - sci-misc/boinc: multiple vulnerabilities
Summary: sci-misc/boinc: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2013-2298
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial (1 vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: ~2 [noglsa]
Keywords:
Duplicates: 468224 472748 475180
Depends on:
Blocks:
 
Reported: 2013-04-29 19:44 UTC by Agostino Sarubbo
Modified: 2013-09-03 21:57 UTC
CC: 5 users

See Also:
Package list:
Runtime testing required: ---


Description Agostino Sarubbo gentoo-dev 2013-04-29 19:44:55 UTC
From ${URL} :

* CVE-2013-2298: various stack overflow vulnerabilities in the XML parser
  used by both the client and server software. I think that any 7.x version
  is vulnerable, but possibly not the 6.12 branch or earlier. No promises.

  (Found/reported by me. I notified all public projects I could find who
   were running obviously-vulnerable copies of the code, in early March.)

  http://thread.gmane.org/gmane.comp.distributed.boinc.user/3741
  2fea03824925cbcb976f4191f4d8321e41a4d95b

* Stack overflow in the client code by providing multiple file_signature
  elements. 6.10.58 and 6.12.34 are vulnerable. 7.x isn't.

  (This was fixed back in 2011, possibly accidentally.)

  9a4140ae30a72e5175f3f31646d91f2d58df7156

* SQL injections in the server-side scheduler code:

  (Found/reported by me. I warned projects about this at the same time
   as the above notifications, hopefully they've mostly patched it..)

  http://thread.gmane.org/gmane.comp.distributed.boinc.user/3776
  3ced18ddaaea5e03d2cc70f8cce5ab214b4d5635

* SQL injections in the user-facing web scripts:
  (These were possibly found by Michael Voß, see
   http://www.mdr.de/mdr-info/hacker-boinc100.html )

  http://thread.gmane.org/gmane.comp.distributed.boinc.user/3658
  e8d6c33fe158129a5616e18eb84a7a9d44aca15f
  6e205de096da83b12ffb2f0183b43e51261eb0c4
  ce3110489bc139b8218252ba1cb0862d69f72ae3

And some issues I'm not sure are quite so important:

* Stack overflows in the trickle code on server and client side:

  (Fixed back in 2011, and these were only present in experimental 6.13.x
   releases, as far as I know.)

  5b04b249db166ec38c1ee99a9eadcaa300c0f454
  ae04b50a71f3e96ee1bc59b76fca97cf0fe976f7

* From a few days ago, a possible format string issue(?) in the client
  code:

  (Noticed by Gianfranco Costamagna/Nicolás Alvarez judging by the thread)

  http://thread.gmane.org/gmane.comp.distributed.boinc.devel/6416
  99258dcecba8ef36e1ce0fd6e0dacffe53613ac9

* An SQL injection vulnerability in the locality code (apparently only
  used by one known project), so I mention this just for completeness
  just in case anyone happens to be using it:

  2dbfdc55057b2c1f0508b56244044b1ad34e7cdb
@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not
Comment 1 Agostino Sarubbo gentoo-dev 2013-05-02 11:47:23 UTC
*** Bug 468224 has been marked as a duplicate of this bug. ***
Comment 2 Agostino Sarubbo gentoo-dev 2013-06-09 15:45:38 UTC
*** Bug 472748 has been marked as a duplicate of this bug. ***
Comment 3 Agostino Sarubbo gentoo-dev 2013-06-29 09:53:20 UTC
*** Bug 475180 has been marked as a duplicate of this bug. ***
Comment 4 Greg Trigg 2013-06-30 03:47:42 UTC
It's been 2 months.  What's stopping a testing ebuild for sci-misc/boinc-7.0.65 ?
Comment 5 Chris Reffett (RETIRED) gentoo-dev Security 2013-06-30 12:50:53 UTC
Marking 2 because the format string issue [1] has the potential for arbitrary code execution.
Comment 6 Justin Lecher (RETIRED) gentoo-dev 2013-06-30 14:56:29 UTC
+*boinc-7.2.0 (30 Jun 2013)
+
+  30 Jun 2013; Justin Lecher <jlec@gentoo.org> -boinc-7.0.29.ebuild,
+  +boinc-7.2.0.ebuild, -files/7.0.2-fix_subdirs.patch,
+  +files/boinc-7.2.0-fix_subdirs.patch, files/boinc.init,
+  files/generate_tarball.sh, metadata.xml:
+  Version bump and drop old, fixes: security issue, #467908; link problems,
+  #464772; correlation with abrupt time changes through ntp, #413041; menu
+  items with newer x11-libs/wxGTK, #379979 & #376237
+
Comment 7 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-03 21:57:03 UTC
Fixed, no affected versions, not stable. Closing noglsa.