On Tue, Dec 06, 2016 at 01:52:04PM +0100, Victor Seva wrote:
> Yes, I just noticed the security update is broken.
> 
> I have prepared the fix for this and I was planning to contact the
> security team about this.
> 
> Thanks for reporting,
> Victor Seva

Victor, you are in uploaders for the package.  Why this NMU?

Could you push your changes to the project repo?

> From ee30a7dff71a579d32c6744c38834a5808b10c3f Mon Sep 17 00:00:00 2001
> From: Victor Seva <linuxman...@torreviejawireless.org>
> Date: Tue, 6 Dec 2016 10:40:19 +0100
> Subject: [PATCH] fix 09_CVE-2016-7067.patch producing Segmentation fault on
>  action
> 
> ---
>  debian/changelog                         |  8 ++++++++
>  debian/patches/10_fixCVE-2016-7067.patch | 17 +++++++++++++++++
>  debian/patches/series                    |  1 +
>  3 files changed, 26 insertions(+)
>  create mode 100644 debian/patches/10_fixCVE-2016-7067.patch
> 
> diff --git a/debian/changelog b/debian/changelog
> index 36b8e78..41ff485 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,11 @@
> +monit (1:5.4-2+deb7u2) wheezy-security; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * fix 09_CVE-2016-7067.patch producing Segmentation fault
> +    on action
> +
> + -- Victor Seva <vs...@debian.org>  Tue, 06 Dec 2016 10:29:16 +0100
> +
>  monit (1:5.4-2+deb7u1) wheezy-security; urgency=high
>  
>    * Non-maintainer upload by the LTS Team.
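
Review bot: The "* Non-maintainer upload." line in the new 1:5.4-2+deb7u2 entry marks this as an NMU even though the author is listed in Uploaders, which is what the reply above asks about; if this is a regular maintainer upload, drop that line. The item text names only the symptom ("Segmentation fault on action"); it would help to say what was wrong in 09_CVE-2016-7067.patch, namely the request format string and its argument list in src/control.c, so that someone reading the changelog can tell what changed.
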
> diff --git a/debian/patches/10_fixCVE-2016-7067.patch 
> b/debian/patches/10_fixCVE-2016-7067.patch
> new file mode 100644
> index 0000000..32ff6af
> --- /dev/null
> +++ b/debian/patches/10_fixCVE-2016-7067.patch
> @@ -0,0 +1,17 @@
> +--- a/src/control.c
> ++++ b/src/control.c
> +@@ -125,12 +125,13 @@ int control_service_daemon(const char *S
> +                 "Content-Length: %d\r\n"
> +                 "%s"
> +                 "\r\n"
> +-                "action=%s",
> +                 "securitytoken=%s&action=%s",
> +                 S,
> +                 token,
> ++                strlen("securitytoken=") + strlen(token) + 1 +
> +                 strlen("action=") + strlen(action),
> +                 auth ? auth : "",
> ++                token,
> +                 action) < 0)
> +         {
> +                 LogError("%s: Cannot send the command '%s' to the monit 
> daemon -- %s", prog, action ? action : "null", STRERROR);
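
Review bot: In the control_service_daemon() hunk, the Content-Length value is formatted with "%d" but the argument is a sum of strlen() results, which is size_t; passing size_t where the format expects int is the same class of format/argument mismatch this patch sets out to fix, so cast the sum to int or change the conversion to %zu. The added strlen(token) also dereferences token unconditionally, while the LogError line just below guards action with `action ? action : "null"`; if either pointer can be NULL at this point, the length computation crashes before the error path is reached, so check both before building the request. A short comment that the "+ 1" accounts for the '&' separator would help, and the patch file starts directly at "--- a/src/control.c" with no description header saying what it corrects in 09_CVE-2016-7067.patch.
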
> diff --git a/debian/patches/series b/debian/patches/series
> index 6116d00..c5ea434 100644
> --- a/debian/patches/series
> +++ b/debian/patches/series
> @@ -3,3 +3,4 @@
>  07_spelling.patch
>  08_hide_low_priority_info_from_stderr.patch
>  09_CVE-2016-7067.patch
> +10_fixCVE-2016-7067.patch
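
Review bot: Appending 10_fixCVE-2016-7067.patch after 09_CVE-2016-7067.patch leaves the series carrying a patch that is known to cause a segmentation fault plus a second patch that corrects it. Consider folding the correction into 09_CVE-2016-7067.patch so the CVE fix is a single reviewable patch; if it stays separate, a file name that says it corrects 09 would read less like a second, independent CVE fix.
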
> -- 
> 2.10.2
> 
