On 05/13/2013 09:15 PM, Florian Weimer wrote: > * Thijs Kinkhorst: > >> A buffer overflow in the proxy_pass module has been reported by >> Nginx upstream, and a patch made available. Please see: >> http://www.openwall.com/lists/oss-security/2013/05/13/3 >> >> The issue is already fixed in the version in sid, and as far >> as I can see the code is not present in squeeze. >> >> Can you ensure that (a) the RC bug against nginx in sid is dealt with >> so the fixed package can migrate to jessie, and (b) prepare an update >> to wheezy? > Note that the upstream patch is not 100% correct C (the overflow check > can be optimized by the compiler). Therefore, the generated assembly > has to be inspected to ensure that the check is actually in place. > > Here's a bit of background information: > > <http://cert.uni-stuttgart.de/ticker/advisories/c-integer-overflow.html> > <https://www.securecoding.cert.org/confluence/display/seccode/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow> > Hello Florian.
Except the patch is not 100% correct C, does it sounds risky on the security side to patch nginx stable (1.2.1-2.2) ? Thanks. -- Cyril "Davromaniak" Lavier KeyID 59E9A881 http://www.davromaniak.eu -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org