Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: pu
Hi!

I'd like to upload snack/2.2.10-dfsg1-9+squeeze1 which fixes CVE-2012-6303 to stable. The original bug is http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695614
It was fixed in unstable and testing via NMU. This proposed upload includes the same patch (attached).

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (100, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Index: debian/patches/CVE-2012-6303.patch =================================================================== --- debian/patches/CVE-2012-6303.patch (revision 0) +++ debian/patches/CVE-2012-6303.patch (revision 0) @@ -0,0 +1,18 @@ +--- snack-2.2.10-dfsg1/generic/jkSoundFile.c 2005-12-14 12:29:38.000000000 +0100 ++++ snack-2.2.10-dfsg1+karcher/generic/jkSoundFile.c 2013-01-02 00:29:56.836287036 +0100 +@@ -1796,7 +1796,14 @@ + GetHeaderBytes(Sound *s, Tcl_Interp *interp, Tcl_Channel ch, char *buf, + int len) + { +- int rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead); ++ int rlen; ++ ++ if (len > max(CHANNEL_HEADER_BUFFER, HEADBUF)){ ++ Tcl_AppendResult(interp, "Excessive header size", NULL); ++ return TCL_ERROR; ++ } ++ ++ rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead); + + if (rlen < len - s->firstNRead){ + Tcl_AppendResult(interp, "Failed reading header bytes", NULL); Index: debian/patches/series =================================================================== --- debian/patches/series (revision 979) +++ debian/patches/series (working copy) @@ -1,2 +1,3 @@ alsa.patch glibc2.10.patch +CVE-2012-6303.patch Index: debian/changelog =================================================================== --- debian/changelog (revision 979) +++ debian/changelog (working copy) @@ -1,3 +1,9 @@ +snack (2.2.10-dfsg1-9+squeeze1) stable; urgency=low + + * Included patch by Michael Karcher to fix CVE-2012-6303. + + -- Sergei Golovan <sgolo...@debian.org> Thu, 29 Oct 2009 21:58:50 +0300 + snack (2.2.10-dfsg1-9) unstable; urgency=low * Added patch which makes snack build with glibc 2.10 (closes: #548641).
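Review bot: in the GetHeaderBytes hunk of CVE-2012-6303.patch, the new guard rejects only `len > max(CHANNEL_HEADER_BUFFER, HEADBUF)`, i.e. lengths larger than the bigger of the two buffers; if any caller hands in a `buf` sized to the smaller constant, a `len` between the two sizes still passes the check and `Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead)` writes past that buffer. Bounding against the size of the buffer actually passed (or at least the smaller of the two constants) would make the check match the read. Two smaller points on the same hunk: it relies on a `max` macro that this diff does not define or include, so it should be confirmed to exist in jkSoundFile.c for the squeeze source, and the guard bounds `len` from above only, so a negative `len` would still reach Tcl_Read unchecked.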
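Review bot: in the debian/changelog hunk, the trailer date `Thu, 29 Oct 2009 21:58:50 +0300` predates the 2013-01-02 timestamp in the attached patch and looks copied from the previous entry rather than regenerated; the new entry should carry the real date (dch regenerates it). The entry also does not reference the bug this update fixes, although the cover mail names it as #695614; adding `(closes: #695614)` to the changelog line, as the 2.2.10-dfsg1-9 entry does for #548641, keeps the BTS in sync with the stable upload.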