Re: [Pkg-kde-extras] smb4k CVE-2017-8849

[Markus Koschany]

Hi Salvatore,

Am 15.06.2017 um 05:53 schrieb Salvatore Bonaccorso:
[...]
> As confirmed by upstream (for the jessie-Version):
> 
> cut-cut-cut-cut-cut-cut-
>   proc.setProgram( args["command"].toStringList() );
> 
>   // Run the mount process.
>   proc.start();
> cut-cut-cut-cut-cut-cut-
> 
> is affected due to this. The helper is then running whatever thing
> ones gives it through dbus.
> 
> So at least for jessie, this should not be marked as not-affected, I
> have not looked at wheezy, which has 1.0.1 based version.
> 
> It now might be quite hard to do the right backporting. And depending
> on the changes between 1.1.2 and 1.2.1 it might be as well not
> feasbible to update to a new upstream version as suggested by
> upstream.

Then args["command"] must be something that can only be passed to smb4k
via dbus and it is unrelated to the code in core/smb4kmounter_p.cpp.
Otherwise it makes no sense to me. It would have been nice, if we had
access to the actual exploit but it seems it was never attached to the
report on the oss-security list.

Then I suggest we backport the Stretch version of smb4k to Wheezy and
Jessie. I have done this a few minutes ago for Wheezy and it was quite
painless. It pulls in a new dependency, libqt4-test, but apart from
that, mounting and unmounting of shares works as expected.

What do you think?

Markus



signature.asc
Description: OpenPGP digital signature
___
pkg-kde-extras mailing list
pkg-kde-extras@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras

[Pkg-kde-extras] Bug#864826: gammaray: 2.8.0 is out

[ydirson]

Package: gammaray
Version: 2.7.0-1
Severity: wishlist

https://github.com/KDAB/GammaRay/releases

___
pkg-kde-extras mailing list
pkg-kde-extras@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras

[Pkg-kde-extras] Bug#864825: gammaray: crashes target program on attach

[ydirson]

Package: gammaray
Version: 2.7.0-1
severity: grave

When attaching to any Qt5 or Qt4 process, the target process crashes.
Here with a freshly-launched kwrite for demonstration:

#0  0x7f21b4fd96ad in poll () at ../sysdeps/unix/syscall-template.S:84
#1  0x7f21af8429f6 in g_main_context_poll (priority=, 
n_fds=1, fds=0x7f2194003020, timeout=, context=0x7f2194000990) 
at ././glib/gmain.c:4228
#2  g_main_context_iterate (context=context@entry=0x7f2194000990, 
block=block@entry=1, dispatch=dispatch@entry=1, self=) at 
././glib/gmain.c:3924
#3  0x7f21af842b0c in g_main_context_iteration (context=0x7f2194000990, 
may_block=1) at ././glib/gmain.c:3990
#4  0x7f21b58ed06b in 
QEventDispatcherGlib::processEvents(QFlags) () 
from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#5  0x7f21b58969ca in 
QEventLoop::exec(QFlags) () from 
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#6  0x7f21b56c40f3 in QThread::exec() () from 
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#7  0x7f21b88b26d5 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5DBus.so.5
#8  0x7f21b56c8da8 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#9  0x7f21b151e494 in start_thread (arg=0x7f21a0dfc700) at 
pthread_create.c:333
#10 0x7f21b4fe2aff in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Thread 1 (Thread 0x7f21a5b0a580 (LWP 31110)):
[KCrash Handler]
#4  0x7f219a2d65b1 in GammaRay::Server::listen() () from 
/usr/lib/libgammaray_core-qt5_7-x86_64.so.2.7.0
#5  0x7f219a294bd1 in GammaRay::Probe::delayedInit() () from 
/usr/lib/libgammaray_core-qt5_7-x86_64.so.2.7.0
#6  0x7f21b58c5499 in QObject::event(QEvent*) () from 
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#7  0x7f21b617bb8c in QApplicationPrivate::notify_helper(QObject*, QEvent*) 
() from /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#8  0x7f21b6183341 in QApplication::notify(QObject*, QEvent*) () from 
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#9  0x7f21b58989e0 in QCoreApplication::notifyInternal2(QObject*, QEvent*) 
() from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#10 0x7f21b589b16d in QCoreApplicationPrivate::sendPostedEvents(QObject*, 
int, QThreadData*) () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#11 0x7f21b58ecc43 in ?? () from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#12 0x7f21af8427f7 in g_main_dispatch (context=0x7f219c0016f0) at 
././glib/gmain.c:3203
#13 g_main_context_dispatch (context=context@entry=0x7f219c0016f0) at 
././glib/gmain.c:3856
#14 0x7f21af842a60 in g_main_context_iterate 
(context=context@entry=0x7f219c0016f0, block=block@entry=1, 
dispatch=dispatch@entry=1, self=) at ././glib/gmain.c:3929
#15 0x7f21af842b0c in g_main_context_iteration (context=0x7f219c0016f0, 
may_block=1) at ././glib/gmain.c:3990
#16 0x7f21b58ed04f in 
QEventDispatcherGlib::processEvents(QFlags) () 
from /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#17 0x7f21b58969ca in 
QEventLoop::exec(QFlags) () from 
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#18 0x7f21b589f13c in QCoreApplication::exec() () from 
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#19 0x557eafc8198f in main ()

___
pkg-kde-extras mailing list
pkg-kde-extras@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras