Your message dated Thu, 02 May 2019 20:33:36 +0000
with message-id <[email protected]>
and subject line Bug#927553: fixed in atftp 0.7.git20120829-3.1
has caused the Debian Bug report #927553,
regarding atftp: CVE-2019-11365 CVE-2019-11366
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
927553: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927553
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: atftp
Version: 0.7.git20120829-3
Severity: grave
Tags: patch security upstream

Hi,

The following vulnerabilities were published for atftp.

CVE-2019-11365[0]:
| An issue was discovered in atftpd in atftp 0.7.1. A remote attacker
| may send a crafted packet triggering a stack-based buffer overflow due
| to an insecurely implemented strncpy call. The vulnerability is
| triggered by sending an error packet of 3 bytes or fewer. There are
| multiple instances of this vulnerable strncpy pattern within the code
| base, specifically within tftpd_file.c, tftp_file.c, tftpd_mtftp.c,
| and tftp_mtftp.c.


CVE-2019-11366[1]:
| An issue was discovered in atftpd in atftp 0.7.1. It does not lock the
| thread_list_mutex mutex before assigning the current thread data
| structure. As a result, the daemon is vulnerable to a denial of
| service attack due to a NULL pointer dereference. If thread_data is
| NULL when assigned to current, and modified by another thread before a
| certain tftpd_list.c check, there is a crash when dereferencing
| current->next.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-11365
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11365
    https://sourceforge.net/p/atftp/code/ci/abed7d245d8e8bdfeab24f9f7f55a52c3140f96b/
[1] https://security-tracker.debian.org/tracker/CVE-2019-11366
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11366
    https://sourceforge.net/p/atftp/code/ci/382f76a90b44f81fec00e2f609a94def4a5d3580/
[2] https://pulsesecurity.co.nz/advisories/atftpd-multiple-vulnerabilities

Regards,
Salvatore

--- End Message ---
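The short-packet case described for CVE-2019-11365 above (an ERROR packet of 3 bytes or fewer, so that a message length derived as "packet size minus the 4-byte header" wraps before it reaches strncpy), shown as an added illustration that is not atftp's own code: a minimal RFC 1350 ERROR packet parser that checks the header length before deriving any copy size. The function names, the buffer capacity and the sample packet are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 1350 ERROR packet: opcode (2 bytes, value 5), error code (2 bytes),
 * then a NUL-terminated message. The fixed header is 4 bytes. */
#define TFTP_OP_ERROR 5
#define TFTP_ERR_HDR  4
#define ERRMSG_CAP    256   /* constructed buffer size for this illustration */

/* Length an unchecked handler derives for the message: data_size - 4.
 * For a packet of 3 bytes or fewer the subtraction wraps in size_t, so a
 * strncpy handed this count is bounded only by what follows the destination
 * on the stack. Returned rather than used so the wrap can be observed safely. */
size_t unchecked_msg_len(size_t data_size)
{
    return data_size - TFTP_ERR_HDR;
}

/* Hardened extraction: rejects packets shorter than the header before any
 * length arithmetic, bounds the copy by the destination capacity and always
 * NUL-terminates. Returns 0 on success, -1 on a malformed packet. */
int parse_tftp_error(const uint8_t *pkt, size_t data_size,
                     uint16_t *err_code, char *msg, size_t msg_cap)
{
    if (pkt == NULL || err_code == NULL || msg == NULL || msg_cap == 0)
        return -1;
    if (data_size < TFTP_ERR_HDR)            /* the CVE-2019-11365 trigger case */
        return -1;
    uint16_t opcode = (uint16_t)((pkt[0] << 8) | pkt[1]);
    if (opcode != TFTP_OP_ERROR)
        return -1;
    *err_code = (uint16_t)((pkt[2] << 8) | pkt[3]);

    size_t avail = data_size - TFTP_ERR_HDR;  /* cannot wrap: checked above */
    size_t n = avail < msg_cap - 1 ? avail : msg_cap - 1;
    memcpy(msg, pkt + TFTP_ERR_HDR, n);
    msg[n] = '\0';                            /* terminator even if the sender omitted it */
    return 0;
}
```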
--- Begin Message ---
Source: atftp
Source-Version: 0.7.git20120829-3.1

We believe that the bug you reported is fixed in the latest version of
atftp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated atftp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


Format: 1.8
Date: Mon, 29 Apr 2019 19:37:52 +0200
Source: atftp
Architecture: source
Version: 0.7.git20120829-3.1
Distribution: unstable
Urgency: high
Maintainer: Ludovic Drolez <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 927553
Changes:
 atftp (0.7.git20120829-3.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Fix concurrency issue denial of service (CVE-2019-11366) (Closes: #927553)
   * Fix error handler stack overflow (CVE-2019-11365) (Closes: #927553)


--- End Message ---
