Your message dated Thu, 19 Jul 2018 19:17:42 +0000
with message-id <e1fgeqo-000b8s...@fasolo.debian.org>
and subject line Bug#903787: fixed in znc 1.6.5-1+deb9u1
has caused the Debian Bug report #903787,
regarding znc: CVE-2018-14055: privilege escalation to admin permission 
(injection of rogue values in znc.conf)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
903787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: znc
Version: 1.6.5-1
Severity: grave
Tags: patch security upstream
Justification: user security hole

Hi

See

https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e
https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d

which would allow privilege escalation by a remote non-admin user.

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: znc
Source-Version: 1.6.5-1+deb9u1

We believe that the bug you reported is fixed in the latest version of
znc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 903...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Patrick Matthäi <pmatth...@debian.org> (supplier of updated znc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 17 Jul 2018 09:34:40 +0200
Source: znc
Binary: znc znc-dbg znc-dev znc-perl znc-python znc-tcl
Architecture: source amd64
Version: 1.6.5-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Patrick Matthäi <pmatth...@debian.org>
Changed-By: Patrick Matthäi <pmatth...@debian.org>
Description:
 znc        - advanced modular IRC bouncer
 znc-dbg    - advanced modular IRC bouncer (debugging symbols)
 znc-dev    - advanced modular IRC bouncer (development headers)
 znc-perl   - advanced modular IRC bouncer (Perl extension)
 znc-python - advanced modular IRC bouncer (Python extension)
 znc-tcl    - advanced modular IRC bouncer (Tcl extension)
Closes: 903787 903788
Changes:
 znc (1.6.5-1+deb9u1) stretch-security; urgency=high
 .
   * Add patch 01-CVE-2018-14056 to fix a path traversal flaw as described in
     CVE-2018-14056.
     Closes: #903788
   * Add patch 02-CVE-2018-14055 to fix a privilege escalation by injecting
     rogue values in znc.conf as described in CVE-2018-14055.
     Closes: #903787

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

--- End Message ---
