Bug 810810 (CVE-2012-2108)

Summary: CVE-2012-2108 Csound: Stack-based buffer overflow in lpc_import
Product: [Other] Security Response Reporter: Huzaifa S. Sidhpurwala <huzaifas>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: paul, pbrobinson, znmeb
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-08-22 15:14:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 812721    
Bug Blocks: 810821    

Description Huzaifa S. Sidhpurwala 2012-04-09 09:10:17 UTC 
A stack-based buffer-overflow was found in the lpc_import utility. If a specially crafted CSV file was opened by the lpc_import utility, it could cause the application to crash.

Reference:
http://secunia.com/secunia_research/2012-4/

Patch:
http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=commit;h=61d1df45ca9a52bab62892a3c3a13c41e6384505
Comment 1 Huzaifa S. Sidhpurwala 2012-04-16 05:30:56 UTC 
Created csound tracking bugs for this issue

Affects: fedora-all [bug 812721]
Comment 2 Peter Robinson 2012-04-16 10:08:54 UTC 
I'm in progress of moving our patches to the latest upstream release, is it fixed in a newer release?
Comment 3 Huzaifa S. Sidhpurwala 2012-04-16 10:15:21 UTC 
Seems so.
Comment 4 Peter Robinson 2012-04-16 10:18:34 UTC 
do you know the minimum release?
Comment 5 Huzaifa S. Sidhpurwala 2012-04-16 10:25:17 UTC 
from the git log , version 5.17  seems to have all the patches discussed.
Comment 6 Peter Robinson 2012-04-16 10:28:33 UTC 
Excellent, will work on merging our patch set and getting a new version in the coming days
Comment 7 Kurt Seifried 2012-04-16 19:33:58 UTC 
Assigned CVE as per http://www.openwall.com/lists/oss-security/2012/04/16/9
Comment 8 Vincent Danen 2013-04-05 15:33:40 UTC 
(In reply to comment #6)
> Excellent, will work on merging our patch set and getting a new version in
> the coming days

Peter, it doesn't seem like this ever happened?  The current version of csound in Fedora still appears vulnerable according to the changelog.
Comment 9 Peter Robinson 2013-04-18 14:05:36 UTC 
I'm working on it as I get the time but they newer builds changed around the build system and a bunch of other stuff and I have to review and rebase patches so it's taking a little longer than I had hoped.
Comment 10 Vincent Danen 2015-08-22 15:15:10 UTC 
Current Fedora has csound 6.03.2 which includes this fix.