Your message dated Thu, 03 Dec 2020 20:47:21 +0000
with message-id <e1kkvvz-00081r...@fasolo.debian.org>
and subject line Bug#973769: fixed in spice-vdagent 0.20.0-2
has caused the Debian Bug report #973769,
regarding spice-vdagent: CVE-2020-25650 CVE-2020-25651 CVE-2020-25652
CVE-2020-25653
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
973769: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973769
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: spice-vdagent
Version: 0.20.0-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerabilities were published for spice-vdagent.
CVE-2020-25650[0]:
| Memory DoS via Arbitrary Entries in active_xfers Hash Table
CVE-2020-25651[1]:
| Possible File Transfer DoS and Information Leak via active_xfers
| Hash Map
CVE-2020-25652[2]:
| Possibility to Exhaust File Descriptors in vdagentd
CVE-2020-25653[3]:
| UNIX Domain Socket Peer PID Retrieved via SO_PEERCRED is Subject to
| Race Condition
Although the security-tracker lists all the individual commits, all of
the commits mentioned in the oss-security post should be taken:
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/ce144335ff45b16be2241c45a683cc01e0f50558
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/1a8b93ca6ac0b690339ab7f0afc6fc45d198d332
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/9d35d8a86fb310fc1f29d428c0a96995948d2357
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/91caa9223857708475d29df1768208fed1675340
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/51c415df82a52e9ec033225783c77df95f387891
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/5c50131797e985d0a5654c1fd7000ae945ed29a7
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/812ca777469a377c84b9861d7d326bfc72563304
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/e4bfd1b632b6c14e8411dbe3565115a78cd3d256
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/b7db1c20c9f80154fb54392eb44add3486d3e427
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/5094d5cfe66748dffcca8529745f8b3c76195d7a
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-25650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25650
[1] https://security-tracker.debian.org/tracker/CVE-2020-25651
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25651
[2] https://security-tracker.debian.org/tracker/CVE-2020-25652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25652
[3] https://security-tracker.debian.org/tracker/CVE-2020-25653
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25653
[4] https://www.openwall.com/lists/oss-security/2020/11/04/1
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: spice-vdagent
Source-Version: 0.20.0-2
Done: Adrian Bunk <b...@debian.org>
We believe that the bug you reported is fixed in the latest version of
spice-vdagent, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 973...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Adrian Bunk <b...@debian.org> (supplier of updated spice-vdagent package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 03 Dec 2020 21:37:35 +0200
Source: spice-vdagent
Architecture: source
Version: 0.20.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packa...@qa.debian.org>
Changed-By: Adrian Bunk <b...@debian.org>
Closes: 973769
Changes:
 spice-vdagent (0.20.0-2) unstable; urgency=medium
 .
   * QA upload.
   * Set Maintainer to Debian QA Group. (see #911430)
   * Add changes from Ubuntu:
     * SECURITY UPDATE: Memory DoS via Arbitrary Entries in active_xfers Hash
       Table
       - debian/patches/CVE-2020-25650-1.patch: avoid agents allocating file
         transfers in src/vdagentd/vdagentd.c.
       - debian/patches/CVE-2020-25650-2.patch: avoid uncontrolled
         active_xfers allocations in src/vdagentd/vdagentd.c.
       - CVE-2020-25650
     * SECURITY UPDATE: Possible File Transfer DoS and Information Leak via
       active_xfers Hash Map
       - debian/patches/CVE-2020-25651-1.patch: cleanup active_xfers when the
         client disconnects in src/vdagentd/vdagentd.c.
       - debian/patches/CVE-2020-25651-2.patch: do not allow using an already
         used file-xfer id in src/vdagentd/vdagentd.c.
       - CVE-2020-25651
     * SECURITY UPDATE: Possibility to Exhaust File Descriptors in vdagentd
       - debian/patches/CVE-2020-25652-1.patch: avoid unlimited agent
         connections in src/udscs.c.
       - debian/patches/CVE-2020-25652-2.patch: limit number of agents per
         session to 1 in src/vdagentd/vdagentd.c.
       - CVE-2020-25652
     * SECURITY UPDATE: UNIX Domain Socket Peer PID Retrieved via SO_PEERCRED
       is Subject to Race Condition
       - debian/patches/CVE-2020-25653-1.patch: avoid user session hijacking
         in src/vdagent-connection.c, src/vdagent-connection.h,
         src/vdagentd/vdagentd.c.
       - debian/patches/CVE-2020-25653-2.patch: better check for sessions in
         src/vdagentd/console-kit.c, src/vdagentd/dummy-session-info.c,
         src/vdagentd/session-info.h, src/vdagentd/systemd-login.c,
         src/vdagentd/vdagentd.c.
       - CVE-2020-25653
     * Additional fixes:
       - debian/patches/CVE-2020-2565x-1.patch: avoid calling chmod in
         src/vdagentd/vdagentd.c.
     (Closes: #973769)
Checksums-Sha1:
747b9ee64e58d740233d881a364fb3fcca0aaa69 2450 spice-vdagent_0.20.0-2.dsc
dd906212e4a36bba56ceed956820d2c25a51dc6a 21116
spice-vdagent_0.20.0-2.debian.tar.xz
Checksums-Sha256:
fc27ab22dc76114b5bba8f63199500054baa6a555bc4fb4da17aabdd12acceca 2450
spice-vdagent_0.20.0-2.dsc
92233464205236df6fe8f078473fb6ec39526f62cc5aa467ab5d4c02e301e6fe 21116
spice-vdagent_0.20.0-2.debian.tar.xz
Files:
936eaa0aec5a1e6f428427c476515cef 2450 x11 optional spice-vdagent_0.20.0-2.dsc
9fc51158d5991bdea3fd13923dbaa691 21116 x11 optional
spice-vdagent_0.20.0-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---