From ${URL} : Socat security advisory 6 - Possible DoS with fork Overview socats signal handler implementations are not async-signal-safe and can cause crash or freeze of socat processes Vulnerability Id: (pending) Severity: Low Details Socats signal handler implementations are not asnyc-signal-safe. When a signal is triggered while the process is within a non async-signal-safe function the signal handler will call a non sync-signal-safe function too. POSIX specifies the behaviour in this situation as undefined. Dependend on involved functions, libraries, and operating system, the process can continue, freeze, or crash. Mostly this issue occurs when socat is in listening mode with fork option and a couple of child processes terminate at the same time. Testcase none Affected versions 1.0.0.0 - 1.7.2.4 2.0.0-b1 - 2.0.0-b7 Not affected or corrected versions 1.7.3.0 and later 2.0.0-b8 (to be released) and later Workaround none Download The updated sources can be downloaded from: http://www.dest-unreach.org/socat/download/socat-1.7.3.0.tar.gz Credits Credits to Peter Lobsinger @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Arch teams, please test and mark stable: =net-misc/socat-1.7.3.0 Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc sparc x86
Stable for HPPA.
arm stable
amd64 stable
ppc stable
Waiting for alpha, ia64, sparc and x86.
x86 stable
sparc stable
ia64 stable
alpha stable. Maintainer(s), please cleanup. Security, please vote.
Arches, Thank you for your work. GLSA Vote: No Maintainer(s), please drop the vulnerable version(s).
GLSA Vote: No
Maintainer(s), please drop the vulnerable version(s).
(In reply to Yury German from comment #13) Done.
Maintainer(s), Thank you for you for cleanup.
