Your message dated Sat, 05 Mar 2016 22:35:32 +0000
with message-id <e1acknm-0000ur...@franck.debian.org>
and subject line Bug#813406: fixed in ctdb 1.12+git20120201-5
has caused the Debian Bug report #813406,
regarding ctdb, raw sockets and CVE-2015-8543
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
813406: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813406
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ctdb
Severity: grave
Tags: patch,upstream
Hi!
The kernel upgrade for CVE-2015-8543 showed a bug in CTDB that leads to a
broken cluster:
| s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
htons(IPPROTO_RAW) leads to 0xff00 which causes "-1 EINVAL (Invalid
argument)" because of CVE-2015-8543.
The fix for the issue is quite simple: remove IPPROTO_RAW; to make the fix
more consistent with what was used before, use IPPROTO_IP (which is 0).
Error messages related to this bug are:
| We are still serving a public IP 'x.x.x.x' that we should not be serving. Removing it
| common/system_common.c:89 failed to open raw socket (Invalid argument)
| Could not find which interface the ip address is hosted on. can not release it
and
| common/system_linux.c:344 failed to open raw socket (Invalid argument)
As a result, IP addresses cannot be released and multiple nodes in the
cluster serve the same address, which obviously does not work.
Upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=11705 and mailing
list conversation:
https://lists.samba.org/archive/samba/2016-January/197389.html
-- Adi
--- a/common/system_common.c 2016-01-19 15:20:37.437683526 +0100
+++ b/common/system_common.c 2016-01-19 15:20:50.417683526 +0100
@@ -83,7 +83,7 @@
struct ifconf ifc;
char *ptr;
- s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
+ s = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
if (s == -1) {
DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
strerror(errno)));
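Review bot: the added `socket(AF_INET, SOCK_RAW, IPPROTO_IP)` line changes the protocol as well as dropping the byte swap, while the defect in the removed line is only the `htons()` wrapper; the smaller change would be `socket(AF_INET, SOCK_RAW, IPPROTO_RAW)` in host byte order. If this descriptor is only used for the interface query that `struct ifconf ifc` suggests, a `SOCK_DGRAM` socket would be enough and would not need raw-socket privilege at this call site. Whichever value is kept, a short comment saying why the protocol argument is not byte-swapped would stop the `htons()` from being reintroduced.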
--- a/common/system_linux.c 2016-01-19 16:06:53.021491231 +0100
+++ b/common/system_linux.c 2016-01-19 16:07:05.817491231 +0100
@@ -338,7 +338,7 @@
ip4pkt.tcp.check = tcp_checksum((uint16_t *)&ip4pkt.tcp, sizeof(ip4pkt.tcp), &ip4pkt.ip);
/* open a raw socket to send this segment from */
- s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
+ s = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
if (s == -1) {
DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
strerror(errno)));
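Review bot: at the `socket()` call under "open a raw socket to send this segment from", `ip4pkt` carries its own IP header (`ip4pkt.ip`), so the socket must have `IP_HDRINCL` in effect; `IPPROTO_RAW` passed in host order implies it, `IPPROTO_IP` does not, and the lines shown here do not include a `setsockopt()` for it. Please confirm that `IP_HDRINCL` is set explicitly after this call, or keep `IPPROTO_RAW` and only drop the `htons()`. It is also worth confirming on the target kernel that protocol 0 is accepted for `SOCK_RAW`, since the failure path still logs only "failed to open raw socket" with the errno string.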
--- End Message ---
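The value mismatch described in the report above, as an added example (not CTDB or kernel code, and not part of the original message). It assumes the kernel check is a simple range test against IPPROTO_MAX; `swap16`, `kernel_accepts`, `check_protocol` and `open_raw_socket` are hypothetical names introduced here.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/socket.h>

enum proto_verdict { PROTO_OK, PROTO_BYTESWAPPED, PROTO_OUT_OF_RANGE };

/* Unconditional 16-bit swap: what htons() does on a little-endian host. */
static uint16_t swap16(uint16_t v) { return (uint16_t)((v << 8) | (v >> 8)); }

/* Assumed model of the kernel range check (EINVAL outside 0..IPPROTO_MAX-1). */
static int kernel_accepts(int p) { return p >= 0 && p < IPPROTO_MAX; }

/* Classify a socket() protocol argument; for a byte-swapped value, recover
 * the protocol number the caller most likely meant. */
static enum proto_verdict check_protocol(int protocol, int *intended)
{
    *intended = protocol;
    if (kernel_accepts(protocol))
        return PROTO_OK;
    if (protocol > 0 && protocol <= 0xffff && (protocol & 0xff) == 0) {
        *intended = swap16((uint16_t)protocol);
        return PROTO_BYTESWAPPED;
    }
    return PROTO_OUT_OF_RANGE;
}

/* Hypothetical wrapper: name the mistake before the kernel reduces it to a
 * bare EINVAL. Returns a descriptor, or -errno on failure. */
static int open_raw_socket(int protocol)
{
    int intended;
    enum proto_verdict v = check_protocol(protocol, &intended);
    if (v == PROTO_BYTESWAPPED)
        fprintf(stderr, "protocol 0x%04x is byte-swapped, meant %d\n",
                (unsigned)protocol, intended);
    if (v != PROTO_OK)
        return -EINVAL;
    int s = socket(AF_INET, SOCK_RAW, protocol);
    return s == -1 ? -errno : s;
}

int main(void)
{
    /* Constructed input: IPPROTO_RAW byte-swapped, as in the removed line. */
    printf("open_raw_socket(0xff00) = %d\n", open_raw_socket(swap16(IPPROTO_RAW)));
    return 0;
}
```

On a big-endian host htons() is the identity, so the original call passed 255 there and the problem only showed on little-endian machines.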
--- Begin Message ---
Source: ctdb
Source-Version: 1.12+git20120201-5
We believe that the bug you reported is fixed in the latest version of
ctdb, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 813...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathieu Parent <sath...@debian.org> (supplier of updated ctdb package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
Format: 1.8
Date: Thu, 04 Feb 2016 16:00:04 +0100
Source: ctdb
Binary: ctdb libctdb-dev ctdb-dbg
Architecture: source amd64
Version: 1.12+git20120201-5
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org>
Changed-By: Mathieu Parent <sath...@debian.org>
Description:
ctdb - clustered database to store temporary data
ctdb-dbg - clustered database to store temporary data -- debugging symbols a
libctdb-dev - clustered database to store temporary data -- development files
Closes: 813406
Changes:
ctdb (1.12+git20120201-5) wheezy-security; urgency=high
.
* Fix CTDB behavior since CVE-2015-8543 (Closes: #813406)
--- End Message ---