diff options
| -rw-r--r-- | debian/changelog | 8 | ||||
| -rw-r--r-- | debian/patches/99_CVE-2011-4862.patch | 14 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
3 files changed, 23 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index b3ccf7b..8b5e977 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +inetutils (2:1.8-6) UNRELEASED; urgency=high + + * Fix buffer overflow in telnetd allowing remote attackers to execute + arbitrary code via a long encryption key. Patch taken from FreeBSD. + CVE-2011-4862 + + -- Guillem Jover <guillem@debian.org> Wed, 28 Dec 2011 02:25:37 +0100 + inetutils (2:1.8-5) unstable; urgency=low * Move man pages from patches to actual files under debian/local/man/ to diff --git a/debian/patches/99_CVE-2011-4862.patch b/debian/patches/99_CVE-2011-4862.patch new file mode 100644 index 0000000..4bb677e --- /dev/null +++ b/debian/patches/99_CVE-2011-4862.patch @@ -0,0 +1,14 @@ +Index: git/libtelnet/encrypt.c +=================================================================== +--- git.orig/libtelnet/encrypt.c 2011-12-25 16:51:52.000000000 +0100 ++++ git/libtelnet/encrypt.c 2011-12-25 16:58:22.441175233 +0100 +@@ -794,6 +794,9 @@ + int dir = kp->dir; + register int ret = 0; + ++ if (len > MAXKEYLEN) ++ len = MAXKEYLEN; ++ + if (!(ep = (*kp->getcrypt) (*kp->modep))) + { + if (len == 0) diff --git a/debian/patches/series b/debian/patches/series index 67158ab..559f31c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -11,3 +11,4 @@ 64_telnetd_ipv6_sockaddrlen.patch 70_ftbfs_non-linux.patch 72_traceroute_fix_setsockopt.patch +99_CVE-2011-4862.patch |