Bug 477227 (CVE-2008-5514)
Summary: | CVE-2008-5514 libc-client: buffer overflow in rfc822_output_char / rfc822_output_data | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | jdennis, jima, jorton, joshuadfranklin, rdieter | ||||
Target Milestone: | --- | Keywords: | Reopened, Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2013-12-07 14:03:39 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 770368, 770369 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Tomas Hoger
2008-12-19 18:41:51 UTC
Created attachment 327481 [details]
Upstream patch
imap/libc-client source code is also embedded in alpine sources. This issue was already fixed in alpine SVN: https://svn.cac.washington.edu/public/alpine/snapshots/ However, it's not clear whether this flaw is really triggerable in alpine. This issue did not affect versions of imap as shipped in Red Hat Enterprise Linux 2.1 and 3, and libc-client in Red Hat Enterprise Linux 4 and 5, as they do not include affected functions. They seem to have been introduced in imap-2005. Additionally, according to upstream, this flaw most likely does not affect impad, but may affect other applications using c-client, such as PHP. Rex, I see new 2007e uw-imap in Koji and no update request. Any known issues with new 2007e? Can they be submitted as updates? updates need to happen yes. I just didn't personally have time... and asked my fedora comaintainers to issue an update (I suppose everyone is busy). uw-imap-2007e-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/uw-imap-2007e-1.fc10 uw-imap-2007e-1.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/uw-imap-2007e-1.fc9 Testing update requests submitted. uw-imap-2007e-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. uw-imap-2007e-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. This also reportedly affects alpine http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=653238 Created alpine tracking bugs for this issue Affects: fedora-all [bug 770368] Affects: epel-all [bug 770369] Looks like Fedora/EPEL alpine has this patch already. Looks like Debian is based off the dead upstream project 2.00, while we base off [re-]alpine 2.02 from http://re-alpine.sourceforge.net/ The patch was applied upstream 10 Jun 2009 by Andraž Levstik with note "updated imap to 2007e per Mark Crispin's suggestion": http://re-alpine.git.sourceforge.net/git/gitweb.cgi?p=re-alpine/re-alpine;a=commitdiff;h=3f20a0fc24537497ca1291ed04c8fb9848a19978;hp=1880d23af62bfdd11c9b43235429b81984093c99 I'll close NOTABUG but feel free to recommend otherwise, for example if it would make sense to mention the CVE in a changelog entry even just for bookkeeping purposes. (In reply to comment #16) > Looks like Fedora/EPEL alpine has this patch already. Looks like Debian is > based off the dead upstream project 2.00, while we base off [re-]alpine 2.02 > from http://re-alpine.sourceforge.net/ EPEL is using 2.00 too, and does not seem to have fix applied. EPEL-4: http://koji.fedoraproject.org/packages/alpine/2.00/1.el4 EPEL-5: http://koji.fedoraproject.org/packages/alpine/2.00/1.el5 EPEL-6: http://koji.fedoraproject.org/packages/alpine/2.00/9.el6 Oh my, better fix that. I just committed a new 2.02-3 spec to el5 branch, mockbuild worked for me but build failed on koji just now so I'll work some more on this to get all the EPELs updated. http://pkgs.fedoraproject.org/gitweb/?p=alpine.git;a=commitdiff;h=d18633bd1ab8cda7bf96240aa6a29ec178166b52 Well, I've failed to wrangle el4 into shape (the ole "cpio: MD5 sum mismatch" error from mock) but here's the el5 and el6: https://admin.fedoraproject.org/updates/alpine-2.02-3.el5 https://admin.fedoraproject.org/updates/alpine-2.02-3.el6 (In reply to comment #19) > Well, I've failed to wrangle el4 into shape (the ole "cpio: MD5 sum mismatch" > error from mock) Have you tried creating SRPM using rpmbuild-md5 from fedora-packager? Thanks, rpmbuild-md5 -bs --define 'dist .el4' alpine.spec did the trick. Here's all three, this bug and the epel child should automatically close once they get enough karma to head to stable: https://admin.fedoraproject.org/updates/alpine-2.02-3.el4 https://admin.fedoraproject.org/updates/alpine-2.02-3.el5 https://admin.fedoraproject.org/updates/alpine-2.02-3.el6 |