From ${URL} : Florian Weimer of the Red Hat Product Security Team discovered a denial of service flaw in socat. Due to a missing check during assembly of the HTTP request line a long target server name (<hostname> in the documentation) of the PROXY-CONNECT address can cause a stack buffer overrun. Exploitation requires that the attacker is able to provide the target server name to the PROXY-CONNECT address in the command line. This can happen for example in scripts that receive data from untrusted sources. This flaw affects socat versions 1.3.0.0 through to 1.7.2.2; it is corrected in 1.7.2.3. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Arch teams, please test and mark stable: =net-misc/socat-1.7.2.3 Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc sparc x86 Don't worry too much about failing tests. Don't file a bug report about it (we have bug #277104 and bug #294586 already).
Stable for HPPA.
(In reply to Jeroen Roovers from comment #1) > Arch teams, please test and mark stable: > =net-misc/socat-1.7.2.3 > Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc sparc x86 > > Don't worry too much about failing tests. Don't file a bug report about it > (we have bug #277104 and bug #294586 already). You can avoid to mention the masked version(s) in the summary.
amd64 stable
x86 stable
ppc stable
sparc stable
CVE-2014-0019 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0019): Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
alpha stable
ia64 stable
arm stable. Maintainer(s), please cleanup. Security, please vote.
Thanks for your work, cleanup was done by Jeroen GLSA vote: no
GLSA vote: no. Closing as [noglsa]