Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian....@packages.debian.org
Usertags: pu

Hi

freetds in buster is affected by CVE-2019-13508 (cf. #944012). The issue was fixed in unstable. This update is to address the issue as well for buster.

Can you accept this update as well for the next buster point release?

Regards,
Salvatore

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-6-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

diff -u freetds-1.00.104/debian/changelog freetds-1.00.104/debian/changelog --- freetds-1.00.104/debian/changelog +++ freetds-1.00.104/debian/changelog @@ -1,3 +1,10 @@ +freetds (1.00.104-1+deb10u1) buster; urgency=medium + + * Non-maintainer upload. + * tds: Make sure UDT has varint set to 8 (CVE-2019-13508) (Closes: #944012) + + -- Salvatore Bonaccorso <car...@debian.org> Mon, 27 Jan 2020 17:28:42 +0100 + freetds (1.00.104-1) unstable; urgency=medium * New upstream release. diff -u freetds-1.00.104/src/tds/data.c freetds-1.00.104/src/tds/data.c --- freetds-1.00.104/src/tds/data.c +++ freetds-1.00.104/src/tds/data.c @@ -1418,6 +1418,7 @@ tds_get_string(tds, tds_get_usmallint(tds), NULL, 0); col->column_size = 0x7ffffffflu; + col->column_varint_size = 8; return TDS_SUCCESS; } @@ -1425,6 +1426,7 @@ TDS_INT tds_clrudt_row_len(TDSCOLUMN *col) { + col->column_varint_size = 8; /* TODO save other fields */ return sizeof(TDSBLOB); }
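
Review bot: In the src/tds/data.c hunk at @@ -1418, the literal 8 in `col->column_varint_size = 8;` is unexplained, and the same literal is repeated in tds_clrudt_row_len in the next hunk. A one-line comment next to `col->column_size = 0x7ffffffflu;` stating what a varint size of 8 selects for a UDT column, or a shared named constant, would make the invariant from the changelog entry ("UDT has varint set to 8") visible in the code and harder to drop in a later refactor.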
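
Review bot: In the src/tds/data.c hunk at @@ -1425, tds_clrudt_row_len now writes `col->column_varint_size = 8;` even though its name and its `return sizeof(TDSBLOB);` suggest it only reports a length. Since the previous hunk already sets the field when the column info is read, a comment above the assignment should say which path reaches tds_clrudt_row_len without that earlier assignment having run. If no such path exists, the assignment here could be dropped. As written, it sits directly above `/* TODO save other fields */` with nothing to distinguish the security fix from unfinished work.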