[Pkg-nagios-changes] [pkg-nagios] r895 - in nagios/trunk/debian: . patches

Sean Finney seanius at costa.debian.org
Fri May 12 10:54:25 UTC 2006 

Author: seanius
Date: 2006-05-12 10:54:24 +0000 (Fri, 12 May 2006)
New Revision: 895

Added:
   nagios/trunk/debian/patches/16_CVE-2006-2162_content-length.dpatch
Modified:
   nagios/trunk/debian/changelog
   nagios/trunk/debian/patches/00list
Log:
updated patch for the listed CVE


Modified: nagios/trunk/debian/changelog
===================================================================
--- nagios/trunk/debian/changelog	2006-05-12 09:44:51 UTC (rev 894)
+++ nagios/trunk/debian/changelog	2006-05-12 10:54:24 UTC (rev 895)
@@ -1,13 +1,15 @@
-nagios (2:1.4-1) UNRELEASED; urgency=low
+nagios (2:1.4-1) unstable; urgency=high
 
-  * not released yet... needs testing.
   [sean finney]
   * resynchronize with upstream source.
     - upstream has incorporated 14_xdata_check-fulldisks.dpatch
   * includes fix for Content-Length bounds/sanity checking mentioned
     in CVE-2006-2162 (closes: #366682).
+  * includes fix for the above fix, which was incomplete
+    (16_CVE-2006-2162_content-length.dpatch).
+  * security release, bumped the urgency.
 
- -- sean finney <seanius at debian.org>  Thu, 11 May 2006 10:13:33 +0200
+ -- sean finney <seanius at debian.org>  Fri, 12 May 2006 12:37:37 +0200
 
 nagios (2:1.3-cvs.20050402-13) unstable; urgency=medium
 

Modified: nagios/trunk/debian/patches/00list
===================================================================
--- nagios/trunk/debian/patches/00list	2006-05-12 09:44:51 UTC (rev 894)
+++ nagios/trunk/debian/patches/00list	2006-05-12 10:54:24 UTC (rev 895)
@@ -14,3 +14,4 @@
 12_xrddb.c-errorhandling.dpatch
 13_config.h.in-traceroute_hardcoded.dpatch
 15_submit_check_result_via_nsca-nagioshost.dpatch
+16_CVE-2006-2162_content-length.dpatch

Added: nagios/trunk/debian/patches/16_CVE-2006-2162_content-length.dpatch
===================================================================
--- nagios/trunk/debian/patches/16_CVE-2006-2162_content-length.dpatch	2006-05-12 09:44:51 UTC (rev 894)
+++ nagios/trunk/debian/patches/16_CVE-2006-2162_content-length.dpatch	2006-05-12 10:54:24 UTC (rev 895)
@@ -0,0 +1,31 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 16_CVE-2006-2162_content-length.dpatch by  <seanius at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+ at DPATCH@
+diff -urNad nagios-1.4~/cgi/getcgi.c nagios-1.4/cgi/getcgi.c
+--- nagios-1.4~/cgi/getcgi.c	2006-04-12 21:25:14.000000000 +0200
++++ nagios-1.4/cgi/getcgi.c	2006-05-12 12:40:54.000000000 +0200
+@@ -9,6 +9,7 @@
+ #include "../common/config.h"
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <limits.h>
+ #include "getcgi.h"
+ 
+ 
+@@ -166,8 +167,10 @@
+ 			printf("getcgivars(): No Content-Length was sent with the POST request.\n") ;
+ 			exit(1);
+ 		        }
+-		if(content_length<0)
+-			content_length=0;
++		if((content_length<0) || (content_length >= INT_MAX-1)){
++			printf("getcgivars(): Suspicious Content-Length was sent with the POST request.\n");
++			exit(1);
++			}
+ 		if(!(cgiinput=(char *)malloc(content_length+1))){
+ 			printf("getcgivars(): Could not allocate memory for CGI input.\n");
+ 			exit(1);


Property changes on: nagios/trunk/debian/patches/16_CVE-2006-2162_content-length.dpatch
___________________________________________________________________
Name: svn:executable
   + *

More information about the Pkg-nagios-changes mailing list