** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1247888
Title:
bip crash with "FATAL: Failed assetion in src/irc.c(2447): n
To manage notifications about this bug go
** Tags removed: verification-needed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1247888
Title:
bip crash with "FATAL: Failed assetion in src/irc.c(2447): n
To manage notifications about this bug
This bug was fixed in the package bip - 0.8.8-2ubuntu0.12.10.1
---
bip (0.8.8-2ubuntu0.12.10.1) quantal-security; urgency=low
* SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
socket, and never close the connection. (LP: #1247888)
- debian/patches/sslfa
This bug was fixed in the package bip - 0.8.8-2ubuntu1.1
---
bip (0.8.8-2ubuntu1.1) saucy-security; urgency=low
* SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
socket, and never close the connection. (LP: #1247888)
- debian/patches/sslfailurefdleak.pa
This bug was fixed in the package bip - 0.8.8-2ubuntu0.13.04.1
---
bip (0.8.8-2ubuntu0.13.04.1) raring-security; urgency=low
* SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
socket, and never close the connection. (LP: #1247888)
- debian/patches/sslfai
This bug was fixed in the package bip - 0.8.8-1ubuntu0.3
---
bip (0.8.8-1ubuntu0.3) precise-security; urgency=low
* SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
socket, and never close the connection. (LP: #1247888)
- debian/patches/sslfailurefdleak.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4550
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1247888
Title:
bip crash with "FATAL: Failed assetion in src/irc.c(2447): n
ACK on the debdiffs. I will push them as security updates with some
minor changelog changes. Thanks!
** Also affects: bip (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: bip (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: bip (Ubuntu Sau
** Patch added: "lp1247888.saucy.debdiff"
https://bugs.launchpad.net/ubuntu/precise/+source/bip/+bug/1247888/+attachment/3903375/+files/lp1247888.saucy.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.
** Patch added: "lp1247888.quantal.debdiff"
https://bugs.launchpad.net/ubuntu/precise/+source/bip/+bug/1247888/+attachment/3903372/+files/lp1247888.quantal.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launch
** Patch added: "lp1247888.raring.debdiff"
https://bugs.launchpad.net/ubuntu/precise/+source/bip/+bug/1247888/+attachment/3903373/+files/lp1247888.raring.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpa
As this can be considered a DoS vulnerability here are the debdiffs for
q, r, and s as well. Trusty already has this fix.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1247888
Title:
bip crash with
I'm fairly certain this issue is being caused by time warner *(or an
attacker with a time warner IP) port scanning my machine. It's
connecting to the port, failing the ssl handshake, and bip leaks the FD.
Not sure if the SRU team or the security team wants to take the fix.
** Changed in: bip (Ubu
So the patch appears to have fixed the failed assertion, but the source of the
problem still appears to have been a file descriptor leak. Discussed upstream
here.
https://projects.duckcorp.org/issues/261
I'm now testing with this additional fix. And things appear to be
fixed. I'm not longer
Well sorry to burst everyone's bubble, but my bip server just crashed
again this morning.
The end of the log looks like this
05-11-2013 10:26:04 ERROR: Error in SSL handshake.
05-11-2013 10:26:04 ERROR: Error on fd 35 (state 3)
05-11-2013 10:26:04 ERROR: client read_lines error, closing...
06
Since this is a security fix, it needs to be built and released in the
-security pocket.
I have rebuilt this as a security update, and have released it,
superseding the -proposed package.
Thanks!
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-0806
--
You received this bu
Hi Stéphane - this should go through precise-security instead of
precise-updates. Can we put a stop on the SRU process and allow a
security team member sponsor this for precise-security?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
The proposed package is now installed on my server machine. I will
verify in a week if any more crashes have occurred.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1247888
Title:
bip crash with "F
** Branch linked: lp:~ubuntu-branches/ubuntu/precise/bip/precise-
proposed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1247888
Title:
bip crash with "FATAL: Failed assetion in src/irc.c(2447): n
Hello Dave, or anyone else affected,
Accepted bip into precise-proposed. The package will build now and be
available at http://launchpad.net/ubuntu/+source/bip/0.8.8-1ubuntu0.1 in
a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubun
Uploaded with a few modifications.
** Patch added: "lp1247888.precise.debdiff"
https://bugs.launchpad.net/ubuntu/+source/bip/+bug/1247888/+attachment/3900269/+files/lp1247888.precise.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
** Also affects: bip (Ubuntu Precise)
Importance: Undecided
Status: New
** Changed in: bip (Ubuntu Precise)
Assignee: (unassigned) => Dave Chiluk (chiluk)
** Changed in: bip (Ubuntu Precise)
Status: New => In Progress
** Changed in: bip (Ubuntu Precise)
Importance: Undec
I'm currently running with the above debdiff on my server, and all
appears to be going well.
** Description changed:
+ [Impact]
+
+ * Bip crashes with "FATAL: Failed assetion in src/irc.c(2447): n" in
+ log
+
+ * Current version of bip in precise is vulnerable to the following CVE
+ http://we
Here is the debdiff that contains the CVE backport from quantal.
** Patch added: "lp1247888.precise.debdiff"
https://bugs.launchpad.net/ubuntu/+source/bip/+bug/1247888/+attachment/3899962/+files/lp1247888.precise.debdiff
--
You received this bug notification because you are a member of Ubunt
24 matches
Mail list logo