Report forwarded to debian-bugs-dist@lists.debian.org, Mark Brown <broonie@debian.org>: Bug#252253; Package zlib1g.
(full text, mbox, link).
Acknowledgement sent to Johan Thelmén <johan.thelmen@cygate.se>:
New Bug report received and forwarded. Copy sent to Mark Brown <broonie@debian.org>.
(full text, mbox, link).
Subject: SIGSEGV in zlib1g 1.2.1.1-3 with pwzip-file
Date: Wed, 2 Jun 2004 13:06:36 +0200
Package: zlib1g
Version: 1.2.1.1-3
Severity: important
Debian verison 0.70 and also in clamscan / ClamAV version devel-20040602
ii zlib1g 1.2.1.1-3
With zlib1g_1.1.4-1.0woody0_i386.deb it is working.
inflate_table (type=LENS, lens=0x8c24c08, codes=281, table=0x8c24c04, bits=0x8c24bec, work=0x8c24e88) at inftrees.c:110
110 count[lens[sym]]++;
(gdb) bt
#0 inflate_table (type=LENS, lens=0x8c24c08, codes=281, table=0x8c24c04, bits=0x8c24bec, work=0x8c24e88) at inftrees.c:110
#1 0x4006745b in inflate (strm=0x8054db8, flush=0) at inflate.c:868
#2 0x400273d9 in zzip_file_read (fp=0x8054d90, buf=0x0, len=146951176) at zziplib/zzip-file.c:391
#3 0x4002169b in cli_scanzip (desc=7, virname=0xbffff7a8, scanned=0x80529dc, root=0x805b198, limits=0x8c27338, options=9,
reclev=0xbffff784) at scanners.c:457
#4 0x40023139 in cli_magic_scandesc (desc=7, virname=0xbffff7a8, scanned=0x80529dc, root=0x805b198, limits=0x8c27338, options=9,
reclev=0xbffff784) at scanners.c:1072
#5 0x40023362 in cl_scandesc (desc=146951176, virname=0x8c24c08, scanned=0x8c24c08, root=0x8c24c08, limits=0x8c24c08,
options=146951176) at scanners.c:1136
#6 0x0804dac8 in checkfile (filename=0x8054c08 "3556419.4495.BKSO1kjuV", root=0x8c24c08, limits=0x8c24c08, options=146951176)
at manager.c:832
#7 0x0804ca05 in scanfile (filename=0x8054c08 "3556419.4495.BKSO1kjuV", root=0x805b198, user=0x401f3f58, opt=0x8053008,
limits=0x8c27338) at manager.c:513
#8 0x0804bdad in scanmanager (opt=0x8053008) at manager.c:307
#9 0x0804ab43 in clamscan (opt=0x8053008) at clamscan.c:147
#10 0x0804b2b8 in main (argc=2, argv=0xbffffb54) at options.c:149
--
Johan Thelmén
Cygate Måldata
Sweden Borlänge
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#252253; Package zlib1g.
(full text, mbox, link).
Acknowledgement sent to Mark Brown <broonie@debian.org>:
Extra info received and forwarded to list.
(full text, mbox, link).
To: Johan Thelmén <johan.thelmen@cygate.se>,
252253@bugs.debian.org
Subject: Re: Bug#252253: SIGSEGV in zlib1g 1.2.1.1-3 with pwzip-file
Date: Wed, 2 Jun 2004 20:46:18 +0100
On Wed, Jun 02, 2004 at 01:06:36PM +0200, Johan Thelmén wrote:
> #7 0x0804ca05 in scanfile (filename=0x8054c08 "3556419.4495.BKSO1kjuV", root=0x805b198, user=0x401f3f58, opt=0x8053008,
Could you please supply one of these files that's causing trouble?
Thanks.
--
"You grabbed my hand and we fell into it, like a daydream - or a fever."
Tags added: upstream
Request was from broonie@sirena.org.uk (Mark Brown)
to control@bugs.debian.org.
(full text, mbox, link).
Tags added: confirmed
Request was from broonie@sirena.org.uk (Mark Brown)
to control@bugs.debian.org.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#252253; Package zlib1g.
(full text, mbox, link).
Acknowledgement sent to Mark Brown <broonie@debian.org>:
Extra info received and forwarded to list.
(full text, mbox, link).
tag 252253 + patch pending
thanks
I've got a fix which appears to deal with the problem.
--
"You grabbed my hand and we fell into it, like a daydream - or a fever."
Tags added: patch, pending
Request was from Mark Brown <broonie@debian.org>
to control@bugs.debian.org.
(full text, mbox, link).
Tags added: fixed-upstream
Request was from broonie@sirena.org.uk (Mark Brown)
to control@bugs.debian.org.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Mark Brown <broonie@debian.org>: Bug#252253; Package zlib1g.
(full text, mbox, link).
Acknowledgement sent to linux@internetists.de:
Extra info received and forwarded to list. Copy sent to Mark Brown <broonie@debian.org>.
(full text, mbox, link).
Good Morning,
according to the following link http://lwn.net/Articles/99288/ the severity
should be changed or is this bug fixed in zlib1:1.2.1.1-5?
Regards
Chris
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#252253; Package zlib1g.
(full text, mbox, link).
Acknowledgement sent to Mark Brown <broonie@debian.org>:
Extra info received and forwarded to list.
(full text, mbox, link).
Subject: Re: Bug#252253: Denial of Service attack possible?
Date: Thu, 26 Aug 2004 10:28:02 +0100
On Wed, Aug 25, 2004 at 10:47:57PM +0200, Chris Lehnberger wrote:
> according to the following link http://lwn.net/Articles/99288/ the severity
> should be changed or is this bug fixed in zlib1:1.2.1.1-5?
Probably, though the release and security teams are already aware. It
will be fixed in -6.
--
"You grabbed my hand and we fell into it, like a daydream - or a fever."
Reply sent to Mark Brown <broonie@debian.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Johan Thelmén <johan.thelmen@cygate.se>:
Bug acknowledged by developer.
(full text, mbox, link).
Source: zlib
Source-Version: 1:1.2.1.1-6
We believe that the bug you reported is fixed in the latest version of
zlib, which is due to be installed in the Debian FTP archive:
zlib-bin_1.2.1.1-6_i386.deb
to pool/main/z/zlib/zlib-bin_1.2.1.1-6_i386.deb
zlib1g-dev_1.2.1.1-6_i386.deb
to pool/main/z/zlib/zlib1g-dev_1.2.1.1-6_i386.deb
zlib1g-udeb_1.2.1.1-6_i386.udeb
to pool/main/z/zlib/zlib1g-udeb_1.2.1.1-6_i386.udeb
zlib1g_1.2.1.1-6_i386.deb
to pool/main/z/zlib/zlib1g_1.2.1.1-6_i386.deb
zlib_1.2.1.1-6.diff.gz
to pool/main/z/zlib/zlib_1.2.1.1-6.diff.gz
zlib_1.2.1.1-6.dsc
to pool/main/z/zlib/zlib_1.2.1.1-6.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 252253@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mark Brown <broonie@debian.org> (supplier of updated zlib package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 21 Aug 2004 23:30:57 +0100
Source: zlib
Binary: zlib1g-dev zlib1g lib64z1-dev lib64z1 zlib1g-udeb zlib-bin
Architecture: source i386
Version: 1:1.2.1.1-6
Distribution: testing
Urgency: high
Maintainer: Mark Brown <broonie@debian.org>
Changed-By: Mark Brown <broonie@debian.org>
Description:
zlib-bin - compression library - sample programs
zlib1g - compression library - runtime
zlib1g-dev - compression library - development
zlib1g-udeb - compression library - runtime for Debian installer (udeb)
Closes: 252253
Changes:
zlib (1:1.2.1.1-6) testing; urgency=high
.
* Fix the error handling in the new inflate implementation to avoid
incorrectly continuing to process in the error state. Thanks to Johan
Thelmén <johan.thelmen@cygate.se> for his help in finding and fixing this
bug. This is CAN-2004-0797 (closes: #252253).
Files:
08adcb71b4ed23d9b38fd5912f86c73c 679 libs optional zlib_1.2.1.1-6.dsc
4e8989cfce378495761a467b275ec09c 17454 libs optional zlib_1.2.1.1-6.diff.gz
e1e08653f9d0d79c9a50a8c6742bb557 38320 debian-installer optional zlib1g-udeb_1.2.1.1-6_i386.udeb
a6d230f3f3969ae7d1895435b4662282 62070 libs required zlib1g_1.2.1.1-6_i386.deb
70872f7645e1a0b5efd308ce3534cec4 409254 libdevel optional zlib1g-dev_1.2.1.1-6_i386.deb
104c1001587d0edaab3b39765ce8f729 25232 utils optional zlib-bin_1.2.1.1-6_i386.deb
package-type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBLjsoJ2Vo11xhU60RAjo6AKDj2h5S3sCopTfht9zTAg+7dYTGvQCgiexj
2X8ccdghMn1fyyWoQCNntbk=
=65/v
-----END PGP SIGNATURE-----
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.