Bug 744059 - VUL-0: cvs: client proxy_connect heap-based buffer overflow
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: General
Priority: P1 - Urgent; Severity: Normal
Assigned To: Security Team bot
maint:released:11.4:45681 maint:relea...
Reported: 2012-01-30 11:45 UTC by Ludwig Nussel
Modified: 2015-02-18 20:33 UTC (History)
Found By: Other


Description Ludwig Nussel 2012-01-30 11:45:39 UTC
Your friendly security team received the following report via vendor-sec.
Please respond ASAP.
This issue is not public yet, please keep any information about it inside SUSE.
Note that build.opensuse.org *cannot* be used to prepare embargoed updates.

A heap-based buffer overflow flaw was found in the way CVS read proxy
connection HTTP responses. An attacker could use this to cause the
application to crash or, potentially, execute arbitrary code with the
privileges of the user running the application. (CVE-2012-0804)
Comment 2 Ludwig Nussel 2012-01-30 11:51:31 UTC
Created attachment 473239
patch
Comment 5 Marcus Meissner 2012-02-07 07:49:00 UTC
considered public, even though there was no official advisory (CRD passed Feb 1st)

please submit fixed packages.
Comment 6 Marcus Meissner 2012-02-10 10:26:48 UTC
ping... please submit today!
Comment 7 Philipp Thomas 2012-02-10 15:42:55 UTC
SRs submitted for factory, 12.1, 11.4, sle10-sp4, sle11-sp1 and sle11-sp2. SLES 9 needs no update as stated in comment #4. Now turning over to security.
Comment 8 Marcus Meissner 2012-02-13 10:34:36 UTC
I do not see sle11-sp1 submits, the rest apparently are there...

(sp2 not required as the source was not forked)
Comment 9 Philipp Thomas 2012-02-13 11:54:02 UTC
Somehow slipped through the cracks :( Now done as 17718.
Comment 12 Matthias Weckbecker 2012-02-21 15:23:22 UTC
I had a discussion with Philipp and he confirmed #11.

Yury, could you possibly reject the old patchinfos, please?
Thanks in advance.
Comment 14 Philipp Thomas 2012-02-22 13:10:52 UTC
OK, correct packages have been submitted in SRs 106449 (12.1), 106450 (11.4), 17862 (sle10-sp4) and 17863 (sle11).
Comment 16 Philipp Thomas 2012-02-22 16:18:29 UTC
Sigh, that's what you get for trying to multitask ... SRs 106518, 106522, 17866 and 17867 should now DTRT and fix it for real.
Comment 17 Bernhard Wiedemann 2012-02-22 17:00:19 UTC
This is an autogenerated message for OBS integration:
This bug (744059) was mentioned in
https://build.opensuse.org/request/show/106524 Factory / cvs
Comment 18 Marcus Meissner 2012-02-23 12:44:28 UTC
as everything is submitted, reassign to security-team for tracking
Comment 23 Swamp Workflow Management 2012-02-27 13:19:37 UTC
Update released for: cvs, cvs-debuginfo, cvs-debugsource, cvs-doc
Products:
openSUSE 11.4 (debug, i586, x86_64)
Comment 24 Swamp Workflow Management 2012-02-27 16:07:58 UTC
Update released for: cvs, cvs-debuginfo, cvs-debugsource, cvs-doc
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-DESKTOP 11-SP1-FOR-SP2 (i386, x86_64)
SLE-SDK 11-SP1 (i386, x86_64)
SLE-SDK 11-SP1-FOR-SP2 (i386, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-FOR-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)
Comment 25 Swamp Workflow Management 2012-02-27 16:08:58 UTC
Update released for: cvs, cvs-debuginfo, cvs-doc
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 26 Swamp Workflow Management 2012-02-27 16:31:47 UTC
Update released for: cvs, cvs-debuginfo, cvs-doc
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
Comment 27 Bernhard Wiedemann 2012-02-28 09:00:10 UTC
This is an autogenerated message for OBS integration:
This bug (744059) was mentioned in
https://build.opensuse.org/request/show/107325 Evergreen:11.2 / cvs
Comment 28 Matthias Weckbecker 2012-02-28 11:05:52 UTC
released
Comment 29 Bernhard Wiedemann 2012-03-02 08:00:09 UTC
This is an autogenerated message for OBS integration:
This bug (744059) was mentioned in
https://build.opensuse.org/request/show/107749 Evergreen:11.2 / cvs