Bug#235157: marked as done (calife: Calife heap corrupt / potential local root exploit)

[Debian Bug Tracking System]

Your message dated Tue, 04 Oct 2005 11:21:13 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug not present in archive
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 27 Feb 2004 17:29:48 +0000
>From [EMAIL PROTECTED] Fri Feb 27 09:29:48 2004
Return-path: <[EMAIL PROTECTED]>
Received: from delepine.info (orcal.delepine.info) [62.212.105.69] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1Awlo2-0005uE-00; Fri, 27 Feb 2004 09:29:46 -0800
Received: from localhost (localhost [127.0.0.1])
        by orcal.delepine.info (Postfix) with ESMTP
        id 6FBC11BA78; Fri, 27 Feb 2004 18:29:43 +0100 (CET)
Received: from orcal.delepine.info ([127.0.0.1])
        by localhost (orcal [127.0.0.1]) (amavisd-new, port 10024) with LMTP
        id 04834-01; Fri, 27 Feb 2004 18:29:28 +0100 (CET)
Received: from hercule.delepine.info (hercule.machoro.ka [10.1.44.21])
        by orcal.delepine.info (Postfix) with ESMTP
        id 8482E1B5E7; Fri, 27 Feb 2004 18:29:26 +0100 (CET)
Received: by hercule.delepine.info (Postfix, from userid 1000)
        id F2ED21415B; Fri, 27 Feb 2004 18:29:25 +0100 (CET)
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-15"
From: Jean Charles Delepine <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: calife: Calife heap corrupt / potential local root exploit
X-Mailer: reportbug 2.48
Date: Fri, 27 Feb 2004 18:29:25 +0100
Message-Id: <[EMAIL PROTECTED]>
X-Virus-Scanned: by amavisd-new-20030616-p7 (Debian) at delepine.info
Content-Transfer-Encoding: quoted-printable
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_02_27 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-2.2 required=4.0 tests=HAS_PACKAGE,
        UNWANTED_LANGUAGE_BODY autolearn=no 
        version=2.60-bugs.debian.org_2004_02_27
X-Spam-Level: 

Package: calife
Version: 2.8.5-1
Severity: normal
Tags: security

A new calife is out which correct a potential local root exploit :

2004-02-27  Ollivier Robert  <[EMAIL PROTECTED]>

        * 2.8.6.

        ** SECURITY RELEASE **

        * db.c(verify_password): v=E9rification de la valeur de retour de
        getpass(3) et utilisation de strncpy(3) pour recopier le mot de
        passe saisi, sur Linux le buffer g=E9r=E9 par la glibc est corrup=
tible
        et g=E9n=E8re un segfault si le mot de passe pr=E9c=E9demment ent=
r=E9 est
        trop long.

        cf. <URL:http://www.securityfocus.com/archive/1/355510>

Reproductible on Debian/sid :

$ calife delepine
Password: "a" x 4000
Password:
Erreur de segmentation

Please upgrade.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.22-pre10-ac1
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]

Versions of packages calife depends on:
ii  libc6                       2.3.2.ds1-11 GNU C Library: Shared librar=
ies an

-- no debconf information


---------------------------------------
Received: (at 235157-done) by bugs.debian.org; 4 Oct 2005 09:21:52 +0000
>From [EMAIL PROTECTED] Tue Oct 04 02:21:52 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mail.enyo.de [212.9.189.167] 
        by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
        id 1EMizg-0007Kt-00; Tue, 04 Oct 2005 02:21:52 -0700
Received: from deneb.vpn.enyo.de ([212.9.189.177] helo=deneb.enyo.de)
        by albireo.enyo.de with esmtp id 1EMize-0002hB-Uw
        for [EMAIL PROTECTED]; Tue, 04 Oct 2005 11:21:50 +0200
Received: from fw by deneb.enyo.de with local (Exim 4.52)
        id 1EMiz3-0005E9-Ik
        for [EMAIL PROTECTED]; Tue, 04 Oct 2005 11:21:13 +0200
From: Florian Weimer <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Bug not present in archive
Date: Tue, 04 Oct 2005 11:21:13 +0200
Message-ID: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
        version=2.60-bugs.debian.org_2005_01_02

As far as I can tell, all versions in the archive (2.8.4c-1woody1,
2.8.6-1) are fixed, therefore I'm closing this bug.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]