Hi Jörg, On Sat, Jan 02, 2021 at 01:22:09PM +0100, Salvatore Bonaccorso wrote: > Control: severity -1 grave > > Hi Jörg, Adam, > > On Wed, Feb 05, 2020 at 10:11:58PM +0100, Salvatore Bonaccorso wrote: > > Source: ipmitool > > Version: 1.8.18-8 > > Severity: important > > Tags: security upstream > > Control: found -1 1.8.18-6 > > Control: found -1 1.8.18-3 > > > > Hi, > > > > The following vulnerability was published for ipmitool. > > > > CVE-2020-5208[0]: > > | It's been found that multiple functions in ipmitool before 1.8.19 > > | neglect proper checking of the data received from a remote LAN party, > > | which may lead to buffer overflows and potentially to remote code > > | execution on the ipmitool side. This is especially dangerous if > > | ipmitool is run as a privileged user. This problem is fixed in version > > | 1.8.19. > > Strictly speaking this is not RC (so if you strongly disagree please > downgrade). While not a serious problem if run not with a privileged > user or over untrusted networks, I feel would still be great to have > this issue fixed for the upcoming bullseye. > > Possible to rebase to the 1.8.19 release before the upcoming freeze?
Thanks for working on this, have seen the pending tag. Note that the initial listing of commits was not complete. I believe there is a whole set of commits needed to adress GHSA-g659-9qxw-p7cp. The security-tracker lists them all, and they should be: https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2 https://github.com/ipmitool/ipmitool/commit/840fb1cbb4fb365cb9797300e3374d4faefcdb10 https://github.com/ipmitool/ipmitool/commit/41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22 https://github.com/ipmitool/ipmitool/commit/9452be87181a6e83cfcc768b3ed8321763db50e4 https://github.com/ipmitool/ipmitool/commit/d45572d71e70840e0d4c50bf48218492b79c1a10 https://github.com/ipmitool/ipmitool/commit/7ccea283dd62a05a320c1921e3d8d71a87772637 Cf. https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp. Regards, Salvatore
