Your message dated Thu, 09 Apr 2015 10:48:38 +0000
with message-id <e1yga0k-0005c1...@franck.debian.org>
and subject line Bug#780139: fixed in checkpw 1.02-1+deb6u1
has caused the Debian Bug report #780139,
regarding CVE-2015-0885
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
780139: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780139
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: checkpw
Severity: grave
Tags: security

Hi Gerrit,
please see
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0885
(feel free to lower the severity, I don't know checkpw myself)

I'm attaching a cleaned-up diff between the 1.03 and 1.02 releases.

Cheers,
        Moritz
diff -Naur checkpw-1.02/checkapoppw.c checkpw-1.03/checkapoppw.c
--- checkpw-1.02/checkapoppw.c	2002-01-07 08:25:10.000000000 +0100
+++ checkpw-1.03/checkapoppw.c	2015-02-21 00:42:57.000000000 +0100
@@ -85,7 +85,7 @@
     pw = getpwnam(login);
     if (pw) break;
     if (errno == error_txtbsy) die(111);
-    for (; ext != login && *ext != '-'; --ext);
+    do {--ext;} while (ext != login && *ext != '-');
     if (ext == login) die(1);
     if (i) login[i] = '-';
     i = ext - login;
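Review bot: The removed `for` loop checks `*ext != '-'` before taking a single step, so whenever `ext` already points at a `-` on entry it exits with `ext` unchanged; `ext == login` then stays false, `i = ext - login` recomputes the same index, and the enclosing loop that retries `getpwnam(login)` (implied by the `break` above) cycles through the identical state without end, which is the hang behind the "denial of service via -- in usernames" entry in the changelog. The `do {--ext;} while (ext != login && *ext != '-');` replacement guarantees at least one backward step per pass, so the scan always makes progress toward `login`. One point to confirm against code outside this hunk: because the new loop decrements before it tests, `ext` must point strictly past `login` on the first entry; the `if (ext == login) die(1);` below only guards subsequent passes, and an `ext` that starts equal to `login` would now step in front of the buffer.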
diff -Naur checkpw-1.02/checkpw.c checkpw-1.03/checkpw.c
--- checkpw-1.02/checkpw.c	2002-01-07 08:23:51.000000000 +0100
+++ checkpw-1.03/checkpw.c	2015-02-21 00:42:33.000000000 +0100
@@ -71,7 +71,7 @@
     pw = getpwnam(login);
     if (pw) break;
     if (errno == error_txtbsy) die(111);
-    for (; ext != login && *ext != '-'; --ext);
+    do {--ext;} while (ext != login && *ext != '-');
     if (ext == login) die(1);
     if (i) login[i] = '-';
     i = ext - login;
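Review bot: This is the same loop-progress fix as in checkapoppw.c and carries the same caveat: the `do {--ext;}` form removes the no-progress case where `*ext` is already `-` on entry, but it relies on `ext` being strictly past `login` when the scan is first entered, since the `if (ext == login) die(1);` check only runs after the decrement. Given that the identical scan is duplicated verbatim in both files, moving it into one shared helper would have kept the two copies from drifting apart and would make the next audit of this code path a single review rather than two.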

--- End Message ---
--- Begin Message ---
Source: checkpw
Source-Version: 1.02-1+deb6u1

We believe that the bug you reported is fixed in the latest version of
checkpw, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 780...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Markus Koschany <a...@gambaru.de> (supplier of updated checkpw package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 30 Mar 2015 14:02:06 +0200
Source: checkpw
Binary: checkpw
Architecture: source i386
Version: 1.02-1+deb6u1
Distribution: squeeze-lts
Urgency: high
Maintainer: Gerrit Pape <p...@smarden.org>
Changed-By: Markus Koschany <a...@gambaru.de>
Description: 
 checkpw    - checks password which is stored in ~/Maildir/.password
Closes: 780139
Changes: 
 checkpw (1.02-1+deb6u1) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2015-0885: Fix denial of service via -- in usernames (Closes: #780139)
Checksums-Sha1: 
 bf237ca6a7a713a20bca931b4675627560a3f75d 1680 checkpw_1.02-1+deb6u1.dsc
 6a290aedf75f34401efc329c9eb1eb650e3181df 28631 checkpw_1.02.orig.tar.gz
 5390e3f7a358a533cf97eac42bf87701dd781999 6801 checkpw_1.02-1+deb6u1.diff.gz
 5cfbf8da334c6c8c5052938d94f633fa193d31c9 18014 checkpw_1.02-1+deb6u1_i386.deb
Checksums-Sha256: 
 d457b1bd00de1d097b59b1ea9be3f5bce3324594095533bd19bed9601107d34b 1680 checkpw_1.02-1+deb6u1.dsc
 685a7fd4f4c783d0dcee342d109b0e492d3251e3c0cbc0ef77d33613cac6bced 28631 checkpw_1.02.orig.tar.gz
 4540d3f4e188647317f432357ec6042766ac10f5e3a0e52fea9a074d09613946 6801 checkpw_1.02-1+deb6u1.diff.gz
 4af37b4a6327a8514f8f52dd509f2f366c20ea8cb5f4f0a1dcc6514e4748b9b5 18014 checkpw_1.02-1+deb6u1_i386.deb
Files: 
 54b41d14cd681d77e4766a1ad185adfe 1680 mail optional checkpw_1.02-1+deb6u1.dsc
 0f71643b3e4f6b856f44d1fedd6ceb38 28631 mail optional checkpw_1.02.orig.tar.gz
 4f5f454b4004f6ebf7beaf3986c6e2e9 6801 mail optional checkpw_1.02-1+deb6u1.diff.gz
 4d68d0266e8199da938c312ca2e72113 18014 mail optional checkpw_1.02-1+deb6u1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----

--- End Message ---