diff options
author | Guillem Jover <guillem@hadrons.org> | 2011-12-28 02:34:19 +0100 |
---|---|---|
committer | Guillem Jover <guillem@hadrons.org> | 2011-12-28 02:34:19 +0100 |
commit | 324bb3e1d005050a148c28220a2a3e1bb334f61e (patch) | |
tree | 1ee0b7013046ae8d36f4fccfc5d3cb262ad04154 | |
parent | 04304bf6ae778c9b140c33044afe7eb1043719bc (diff) | |
download | inetutils-324bb3e1d005050a148c28220a2a3e1bb334f61e.tar.gz |
Fix buffer overflow in telnetd
Allowing remote attackers to execute arbitrary code via a long
encryption key. Patch taken from FreeBSD. CVE-2011-4862
-rw-r--r-- | debian/changelog | 8 | ||||
-rw-r--r-- | debian/patches/99_CVE-2011-4862.patch | 14 | ||||
-rw-r--r-- | debian/patches/series | 1 |
3 files changed, 23 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index b3ccf7b..8b5e977 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +inetutils (2:1.8-6) UNRELEASED; urgency=high + + * Fix buffer overflow in telnetd allowing remote attackers to execute + arbitrary code via a long encryption key. Patch taken from FreeBSD. + CVE-2011-4862 + + -- Guillem Jover <guillem@debian.org> Wed, 28 Dec 2011 02:25:37 +0100 + inetutils (2:1.8-5) unstable; urgency=low * Move man pages from patches to actual files under debian/local/man/ to diff --git a/debian/patches/99_CVE-2011-4862.patch b/debian/patches/99_CVE-2011-4862.patch new file mode 100644 index 0000000..4bb677e --- /dev/null +++ b/debian/patches/99_CVE-2011-4862.patch @@ -0,0 +1,14 @@ +Index: git/libtelnet/encrypt.c +=================================================================== +--- git.orig/libtelnet/encrypt.c 2011-12-25 16:51:52.000000000 +0100 ++++ git/libtelnet/encrypt.c 2011-12-25 16:58:22.441175233 +0100 +@@ -794,6 +794,9 @@ + int dir = kp->dir; + register int ret = 0; + ++ if (len > MAXKEYLEN) ++ len = MAXKEYLEN; ++ + if (!(ep = (*kp->getcrypt) (*kp->modep))) + { + if (len == 0) diff --git a/debian/patches/series b/debian/patches/series index 67158ab..559f31c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -11,3 +11,4 @@ 64_telnetd_ipv6_sockaddrlen.patch 70_ftbfs_non-linux.patch 72_traceroute_fix_setsockopt.patch +99_CVE-2011-4862.patch |