Debian Bug report logs - #478573
[peercast] CVE-2008-2040 stack-based buffer overflow in HTTP::getAuthUserPass function


Package: peercast; Maintainer for peercast is (unknown);

Reported by: Nico Golde <nion@debian.org>

Date: Tue, 29 Apr 2008 20:27:05 UTC

Severity: grave

Tags: patch, security

Fixed in versions peercast/0.1218+svn20080104-1.1, peercast/0.1217.toots.20060314-1etch1

Done: Romain Beauxis <toots@rastageeks.org>

Bug is archived. No further changes may be made.




Report forwarded to debian-bugs-dist@lists.debian.org, secure-testing-team@lists.alioth.debian.org, Romain Beauxis <toots@rastageeks.org>:
Bug#478573; Package peercast. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to secure-testing-team@lists.alioth.debian.org, Romain Beauxis <toots@rastageeks.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: [peercast] stack-based buffer overflow in HTTP::getAuthUserPass function
Date: Tue, 29 Apr 2008 22:22:50 +0200
[Message part 1 (text/plain, inline)]
Package: peercast
Severity: grave
Tags: security
X-Debbugs-CC: secure-testing-team@lists.alioth.debian.org

I found a security issue in the peercast server, in the
HTTP::getAuthUserPass function. I already contacted the upstream author 6 days
ago and didn't get an answer yet, so I am publishing this now.

From core/common/http.cpp:

105 void HTTP::getAuthUserPass(char *user, char *pass)
106 {
107         if (arg)
108         {   
109                 char *s = stristr(arg,"Basic");
110                 if (s) 
111                 {   
112                         while (*s)
113                                 if (*s++ == ' ')
114                                         break;
115                         String str;
116                         str.set(s,String::T_BASE64);
117                         str.convertTo(String::T_ASCII);
118                         s = strstr(str.cstr(),":");
119                         if (s) 
120                         {   
121                                 *s = 0;
122                                 if (user)
123                                         strcpy(user,str.cstr());
124                                 if (pass)
125                                         strcpy(pass,s+1);

This function is used if authentication to the peercast server is done by HTTP basic auth
rather than by a cookie. In line 116 the base64-encoded string is copied into str.
Note that the set method is peercast's own implementation of set, since it reimplements the String
class. set looks like this:

From core/common/sys.h:
38                 MAX_LEN = 256 
...
62         void set(const char *p, TYPE t=T_ASCII)
63         {   
64                 strncpy(data,p,MAX_LEN-1);
65                 data[MAX_LEN-1] = 0;
66                 type = t;
67         }   

In line 117 the string gets decoded, and in line 118 and
following, the part before ':' in the decoded string gets copied
into user and the part after it into pass.

From core/common/servhs.cpp:
558 bool Servent::handshakeAuth(HTTP &http,const char *args,bool local)
559 {
560         char user[64],pass[64];
561         user[0] = pass[0] = 0;
...
580     while (http.nextHeader())
581         {   
582                 char *arg = http.getArgStr();
583                 if (!arg)
584                         continue;
585
586                 switch (servMgr->authType)
587                 {   
588                         case ServMgr::AUTH_HTTPBASIC:
589                                 if (http.isHeader("Authorization"))
590                                         http.getAuthUserPass(user,pass);
591                                 break;

user and pass are only declared to have 64 bytes (line 558), while the buffer used for the
copy can store up to MAX_LEN (256) bytes (well, minus the ':' here). Servent::handshakeAuth then calls
the getAuthUserPass function, triggering a buffer overflow.
It's thus possible to crash the server and execute arbitrary code if the server
allows HTTP basic authentication.

I already requested a CVE id for this.

An example configuration and PoC is attached.

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[peercast.ini (text/plain, attachment)]
[peercast.py (text/x-python, attachment)]
[Message part 4 (application/pgp-signature, inline)]
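Worked example, added by the editor and not part of this bug report or of peercast's source: a small C model of the data flow Nico describes (String::set capping the base64 value at 255 characters, decode, split at ':', strcpy into the 64-byte user/pass stack buffers) beside a hardened parser that checks the decoded lengths against the destination capacities before copying anything. Everything in it is constructed for the illustration: the base64 encoder/decoder, build_basic_header, original_user_copy_len, get_auth_user_pass_safe and the 100-character username. It matches "Basic " case-sensitively where peercast uses stristr, and it reports how many bytes the original copy would write rather than performing an overflow.

```c
#include <stdio.h>
#include <string.h>

/* Sizes from the report: String::MAX_LEN in core/common/sys.h, and the
 * user[64]/pass[64] stack buffers in Servent::handshakeAuth. */
#define MAX_LEN  256
#define CRED_LEN 64

static const char B64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* Minimal base64 decoder written for this example: returns the decoded length,
 * or -1 on a bad character or when out_cap is exceeded. '=' ends decoding. */
static int b64_decode(const char *in, unsigned char *out, size_t out_cap)
{
    unsigned int acc = 0, bits = 0; size_t n = 0;
    for (; *in && *in != '='; in++) {
        const char *p = strchr(B64, *in);
        if (!p) return -1;
        acc = (acc << 6) | (unsigned int)(p - B64);
        if ((bits += 6) >= 8) {
            bits -= 8;
            if (n >= out_cap) return -1;
            out[n++] = (unsigned char)((acc >> bits) & 0xff);
        }
    }
    return (int)n;
}

/* Minimal base64 encoder, used only to construct the demo header. */
static int b64_encode(const unsigned char *in, size_t len, char *out, size_t out_cap)
{
    size_t o = 0;
    for (size_t i = 0; i < len; i += 3) {
        unsigned int v = (unsigned int)in[i] << 16;
        if (i + 1 < len) v |= (unsigned int)in[i + 1] << 8;
        if (i + 2 < len) v |= in[i + 2];
        if (o + 4 >= out_cap) return 0;
        out[o++] = B64[(v >> 18) & 63];
        out[o++] = B64[(v >> 12) & 63];
        out[o++] = (i + 1 < len) ? B64[(v >> 6) & 63] : '=';
        out[o++] = (i + 2 < len) ? B64[v & 63] : '=';
    }
    out[o] = '\0';
    return 1;
}

/* Build "Basic <base64(user:pass)>" as a client would send it (constructed input). */
int build_basic_header(const char *user, const char *pass, char *out, size_t out_cap)
{
    char cred[512];
    if (out_cap < 7 || snprintf(cred, sizeof cred, "%s:%s", user, pass) >= (int)sizeof cred) return 0;
    memcpy(out, "Basic ", 6);
    return b64_encode((const unsigned char *)cred, strlen(cred), out + 6, out_cap - 6);
}

/* Model of the reported flow (not peercast's code): encoded value capped at MAX_LEN-1
 * chars like String::set, decoded, split at ':'. Returns the bytes the original
 * strcpy(user, ...) would write, NUL included (0 if no ':'); above CRED_LEN = overflow. */
size_t original_user_copy_len(const char *auth_value)
{
    const char *s = strstr(auth_value, "Basic ");
    if (!s) return 0;
    char enc[MAX_LEN]; unsigned char dec[MAX_LEN];
    strncpy(enc, s + 6, MAX_LEN - 1); enc[MAX_LEN - 1] = '\0';
    int n = b64_decode(enc, dec, sizeof dec);
    if (n < 0) return 0;
    unsigned char *colon = memchr(dec, ':', (size_t)n);
    return colon ? (size_t)(colon - dec) + 1 : 0;
}

/* Hardened variant: decoded lengths are checked against the destination capacities
 * before any copy; malformed input is rejected, not truncated. 1 = ok, 0 = rejected. */
int get_auth_user_pass_safe(const char *auth_value, char *user, size_t user_cap,
                            char *pass, size_t pass_cap)
{
    const char *s = strstr(auth_value, "Basic ");
    if (!s) return 0;
    if (strlen(s += 6) > MAX_LEN - 1) return 0;          /* reject, do not truncate */
    unsigned char dec[MAX_LEN];
    int n = b64_decode(s, dec, sizeof dec);
    if (n < 0 || memchr(dec, '\0', (size_t)n)) return 0; /* bad base64 or embedded NUL */
    unsigned char *colon = memchr(dec, ':', (size_t)n);
    if (!colon) return 0;
    size_t ulen = (size_t)(colon - dec), plen = (size_t)n - ulen - 1;
    if (ulen >= user_cap || plen >= pass_cap) return 0;  /* the check the original lacks */
    memcpy(user, dec, ulen);       user[ulen] = '\0';
    memcpy(pass, colon + 1, plen); pass[plen] = '\0';
    return 1;
}

int main(void)
{
    char user[CRED_LEN], pass[CRED_LEN], hdr[1024], longuser[101];
    memset(longuser, 'A', 100); longuser[100] = '\0';   /* constructed 100-char username */
    build_basic_header(longuser, "pw", hdr, sizeof hdr);
    printf("%zu base64 chars, original strcpy writes %zu bytes into user[%d]\n", strlen(hdr) - 6, original_user_copy_len(hdr), CRED_LEN);
    printf("hardened parser accepts it: %d\n", get_auth_user_pass_safe(hdr, user, sizeof user, pass, sizeof pass));
    return 0;
}
```

Running it shows that a 100-character username encodes to 140 base64 characters, comfortably under the 255 that String::set keeps, and that the decoded name would be strcpy'd as 101 bytes into user[64]; the hardened parser rejects the same header. The patch Nico attached is not shown on this page, so the bounds check above is one possible shape of the fix, not the Debian patch.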

Information forwarded to debian-bugs-dist@lists.debian.org, Romain Beauxis <toots@rastageeks.org>:
Bug#478573; Package peercast. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Romain Beauxis <toots@rastageeks.org>. Full text and rfc822 format available.

Message #10 received at 478573@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 478573@bugs.debian.org, 478680@bugs.debian.org
Subject: got CVE id
Date: Wed, 30 Apr 2008 16:41:51 +0200
[Message part 1 (text/plain, inline)]
retitle 478680 [gnome-peercast] CVE-2008-2040 stack-based buffer overflow in HTTP::getAuthUserPass function
retitle 478573 [peercast] CVE-2008-2040 stack-based buffer overflow in HTTP::getAuthUserPass function
thanks

Hi,
CVE-2008-2040 was assigned to that, please mention the CVE 
id in the changelog if you fix this bug.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]

Changed Bug title to `[peercast] CVE-2008-2040 stack-based buffer overflow in HTTP::getAuthUserPass function' from `[peercast] stack-based buffer overflow in HTTP::getAuthUserPass function'. Request was from Nico Golde <nion@debian.org> to control@bugs.debian.org. (Wed, 30 Apr 2008 14:45:06 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#478573; Package peercast. Full text and rfc822 format available.

Acknowledgement sent to Romain Beauxis <toots@rastageeks.org>:
Extra info received and forwarded to list. Full text and rfc822 format available.

Message #17 received at 478573@bugs.debian.org (full text, mbox):

From: Romain Beauxis <toots@rastageeks.org>
To: Nico Golde <nion@debian.org>, 478573@bugs.debian.org
Subject: Re: Bug#478573: got CVE id
Date: Wed, 30 Apr 2008 16:56:24 +0200
On Wednesday 30 April 2008 16:41:51, Nico Golde wrote:
> Hi,

Hi!

> CVE-2008-2040 was assigned to that, please mention the CVE
> id in the changelog if you fix this bug.

Do you have a fix, by the way?

Romain
-- 
We sick an' tired of-a your ism-skism game -
Dyin' 'n' goin' to heaven in-a Jesus' name, Lord.
We know when we understand:
Almighty God is a living man.

Information forwarded to debian-bugs-dist@lists.debian.org, Romain Beauxis <toots@rastageeks.org>:
Bug#478573; Package peercast. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Romain Beauxis <toots@rastageeks.org>. Full text and rfc822 format available.

Message #22 received at 478573@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: Romain Beauxis <toots@rastageeks.org>, 478573@bugs.debian.org
Subject: Re: Bug#478573: got CVE id
Date: Wed, 30 Apr 2008 17:15:32 +0200
[Message part 1 (text/plain, inline)]
Hi Romain,
* Romain Beauxis <toots@rastageeks.org> [2008-04-30 17:03]:
> On Wednesday 30 April 2008 16:41:51, Nico Golde wrote:
> > CVE-2008-2040 was assigned to that, please mention the CVE
> > id in the changelog if you fix this bug.
> 
> Do you have fix by the way ?

Currently writing one.
Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Romain Beauxis <toots@rastageeks.org>:
Bug#478573; Package peercast. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Romain Beauxis <toots@rastageeks.org>. Full text and rfc822 format available.

Message #27 received at 478573@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 478573@bugs.debian.org, 478680@bugs.debian.org
Subject: patch
Date: Wed, 30 Apr 2008 18:05:48 +0200
[Message part 1 (text/plain, inline)]
tags 478680 + patch
tags 478573 + patch
thanks

Hi,
attached is a patch to fix this issue.
Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[peercast.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]

Tags added: patch Request was from Nico Golde <nion@debian.org> to control@bugs.debian.org. (Wed, 30 Apr 2008 16:18:23 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Romain Beauxis <toots@rastageeks.org>:
Bug#478573; Package peercast. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Romain Beauxis <toots@rastageeks.org>. Full text and rfc822 format available.

Message #34 received at 478573@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 478573@bugs.debian.org
Subject: intent to NMU
Date: Fri, 2 May 2008 12:56:02 +0200
[Message part 1 (text/plain, inline)]
Hi,
uploading a 0-day NMU with the maintainer's permission.
debdiff attached and also archived on:
http://people.debian.org/~nion/nmu-diff/peercast-0.1218+svn20080104-1_0.1218+svn20080104-1.1.patch

Note: looking at the debdiff you will see that
dh_listpackages was added in some log files. I did not do
this; it is added automatically. This should be fixed in the
build system later :)

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[peercast-0.1218+svn20080104-1_0.1218+svn20080104-1.1.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]

Reply sent to Nico Golde <nion@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #39 received at 478573-close@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 478573-close@bugs.debian.org
Subject: Bug#478573: fixed in peercast 0.1218+svn20080104-1.1
Date: Fri, 02 May 2008 11:02:08 +0000
Source: peercast
Source-Version: 0.1218+svn20080104-1.1

We believe that the bug you reported is fixed in the latest version of
peercast, which is due to be installed in the Debian FTP archive:

peercast-handlers_0.1218+svn20080104-1.1_all.deb
  to pool/main/p/peercast/peercast-handlers_0.1218+svn20080104-1.1_all.deb
peercast-servent_0.1218+svn20080104-1.1_all.deb
  to pool/main/p/peercast/peercast-servent_0.1218+svn20080104-1.1_all.deb
peercast_0.1218+svn20080104-1.1.diff.gz
  to pool/main/p/peercast/peercast_0.1218+svn20080104-1.1.diff.gz
peercast_0.1218+svn20080104-1.1.dsc
  to pool/main/p/peercast/peercast_0.1218+svn20080104-1.1.dsc
peercast_0.1218+svn20080104-1.1_amd64.deb
  to pool/main/p/peercast/peercast_0.1218+svn20080104-1.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 478573@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated peercast package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 02 May 2008 12:44:34 +0200
Source: peercast
Binary: peercast-servent peercast peercast-handlers
Architecture: source all amd64
Version: 0.1218+svn20080104-1.1
Distribution: unstable
Urgency: high
Maintainer: Romain Beauxis <toots@rastageeks.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 peercast   - P2P audio and video streaming servent
 peercast-handlers - P2P audio and video streaming handlers
 peercast-servent - P2P audio and video streaming servent (dummy package)
Closes: 478573
Changes: 
 peercast (0.1218+svn20080104-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * This update addresses the following security issue:
     - CVE-2008-2040: stack-based buffer overflow in the
       HTTP::getAuthUserPass function leading to remote DoS
       or arbitrary code execution if peercast is configured
       to use http-basic authentication (Closes: #478573).
Checksums-Sha1: 
 9c44bc5d221a820b5c65dd45fec7594a4642b35c 1142 peercast_0.1218+svn20080104-1.1.dsc
 edc177024da645e969838f61c56ce9c93e519e32 9956 peercast_0.1218+svn20080104-1.1.diff.gz
 8ac38683d3a489c31584c04614c272e91da4b53d 3784 peercast-servent_0.1218+svn20080104-1.1_all.deb
 529e8c1fca0ece55d8af14d6e9332bb0ce7bd270 6908 peercast-handlers_0.1218+svn20080104-1.1_all.deb
 6bba22f7e8a28a2c0464e07825734c2633d07dd9 200278 peercast_0.1218+svn20080104-1.1_amd64.deb
Checksums-Sha256: 
 27bb594d4b66138131a53d6204e0fe4fcf690f943b4782395eaa8540fc08cb87 1142 peercast_0.1218+svn20080104-1.1.dsc
 5cdcaac114a132202c6258603953fbdecb9f6941a8dc2431e577d9544406069a 9956 peercast_0.1218+svn20080104-1.1.diff.gz
 5259ec71211bbb91b0bf7447bc50e074ca2a0e19362f57999e62489ee818a9ce 3784 peercast-servent_0.1218+svn20080104-1.1_all.deb
 4713b8d72e5afbcc48f5f849442b3c14aee4206193e8f687101354cf6dfc175a 6908 peercast-handlers_0.1218+svn20080104-1.1_all.deb
 c7bd5525327058b207702ea36dc12decd8cd95b1b184cbf1fdea7e5e6d3ba56f 200278 peercast_0.1218+svn20080104-1.1_amd64.deb
Files: 
 31301f18409e31ddac40f89dc8ac2b3f 1142 sound optional peercast_0.1218+svn20080104-1.1.dsc
 98cbcc57586e3c39488adbd075d71908 9956 sound optional peercast_0.1218+svn20080104-1.1.diff.gz
 cfd41041fb026aed4240214017c14c88 3784 sound optional peercast-servent_0.1218+svn20080104-1.1_all.deb
 a54955b37b0205e005bbbb93efac0164 6908 sound optional peercast-handlers_0.1218+svn20080104-1.1_all.deb
 3c7c94e943a2f5ebeb7b3835a6ebf009 200278 sound optional peercast_0.1218+svn20080104-1.1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIGvNRHYflSXNkfP8RAn8wAKCi22X2JDvzM4VTVEctcccqskhKmgCfUTuO
wRlEneLrE9SIy9zUZTFcaWA=
=5cuj
-----END PGP SIGNATURE-----

Information forwarded to debian-bugs-dist@lists.debian.org, Romain Beauxis <toots@rastageeks.org>:
Bug#478573; Package peercast. Full text and rfc822 format available.

Acknowledgement sent to Takuo Kitame <kitame@debian.org>:
Extra info received and forwarded to list. Copy sent to Romain Beauxis <toots@rastageeks.org>. Full text and rfc822 format available.

Message #44 received at 478573@bugs.debian.org (full text, mbox):

From: Takuo Kitame <kitame@debian.org>
To: 478680@bugs.debian.org, 478573@bugs.debian.org
Subject: fix soon.
Date: Thu, 08 May 2008 15:27:53 +0900
I'll fix it next weekend.

Regards.
-- 
Takuo Kitame <kitame at debian.org>

Reply sent to Romain Beauxis <toots@rastageeks.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #49 received at 478573-close@bugs.debian.org (full text, mbox):

From: Romain Beauxis <toots@rastageeks.org>
To: 478573-close@bugs.debian.org
Subject: Bug#478573: fixed in peercast 0.1217.toots.20060314-1etch1
Date: Thu, 05 Jun 2008 07:52:23 +0000
Source: peercast
Source-Version: 0.1217.toots.20060314-1etch1

We believe that the bug you reported is fixed in the latest version of
peercast, which is due to be installed in the Debian FTP archive:

libpeercast0-dev_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch1_amd64.deb
libpeercast0_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch1_amd64.deb
peercast-handlers_0.1217.toots.20060314-1etch1_all.deb
  to pool/main/p/peercast/peercast-handlers_0.1217.toots.20060314-1etch1_all.deb
peercast-servent_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch1_amd64.deb
peercast_0.1217.toots.20060314-1etch1.diff.gz
  to pool/main/p/peercast/peercast_0.1217.toots.20060314-1etch1.diff.gz
peercast_0.1217.toots.20060314-1etch1.dsc
  to pool/main/p/peercast/peercast_0.1217.toots.20060314-1etch1.dsc
peercast_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/peercast_0.1217.toots.20060314-1etch1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 478573@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Romain Beauxis <toots@rastageeks.org> (supplier of updated peercast package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 18 May 2008 03:28:44 +0200
Source: peercast
Binary: libpeercast0 peercast-handlers peercast-servent peercast libpeercast0-dev
Architecture: source amd64 all
Version: 0.1217.toots.20060314-1etch1
Distribution: stable-security
Urgency: low
Maintainer: Romain Beauxis <toots@rastageeks.org>
Changed-By: Romain Beauxis <toots@rastageeks.org>
Description: 
 libpeercast0 - P2P audio and video streaming server libraries
 libpeercast0-dev - P2P audio and video streaming server -- development
 peercast   - P2P audio and video streaming server metapackage
 peercast-handlers - P2P audio and video streaming handlers
 peercast-servent - P2P audio and video streaming servent
Closes: 478573
Changes: 
 peercast (0.1217.toots.20060314-1etch1) stable-security; urgency=low
 .
   * Fixed CVE-2008-2040:
     | stack-based buffer overflow in the
     | HTTP::getAuthUserPass function leading
     | to remote DoS or arbitrary code execution
     | if peercast is configured to use http-basic
     | authentication
     Closes: #478573
   Thanks to Nico Golde <nion@debian.org> for reporting and fixing
   the issue.
Files: 
 10e545471f649cd37409dc9cbfd7960a 1070 sound optional peercast_0.1217.toots.20060314-1etch1.dsc
 c7fc173230621f05137a6420a48b3347 7458 sound optional peercast_0.1217.toots.20060314-1etch1.diff.gz
 ac385ad05a69ba429c2e300920ff1192 6828 sound optional peercast-handlers_0.1217.toots.20060314-1etch1_all.deb
 0a0bd5ef6f4c6632d3f904100474f66a 2924 sound optional peercast_0.1217.toots.20060314-1etch1_amd64.deb
 d42cf469c93a79a328d7e8e31bc9c90c 50774 sound optional peercast-servent_0.1217.toots.20060314-1etch1_amd64.deb
 2378fddac9eea542ee891cb96d77b8d4 172136 libs optional libpeercast0_0.1217.toots.20060314-1etch1_amd64.deb
 53638a13906e1599c5938d067ffe729b 323944 libdevel optional libpeercast0-dev_0.1217.toots.20060314-1etch1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSDLETgC5aaocqV0ZAQIWmgf/Y3afdxpaURG/frqBCDTdqs5Bw2RD5GRJ
VqeCaWerXVnYAODF+Ao3nWfz5mpB4kZCwKLaaymONyX/0O14Yl4y3URJTAHjZxyr
ci8Vq8MGHwiOWUxLfbkBgf+eNtuXK6MN/lobPcAICusFgwz0ttDDfaqpvwF24kWM
534PxFdNbwofEMlY6XloJdf0N3X7NUwrWGx1ei4N66HH5KX4Ckycs1qdRsFqCsCo
2lcB1ew23byijfe4JlpX3ZAY1vUDBZSqDl9wEroZh5LIuih6XBnmAsy/RcEj8Do3
FgewdgSwsOfWiI9neYmM17+o01XQpSfjmlindHFPNwnK2BS5nw9JxQ==
=s9DG
-----END PGP SIGNATURE-----

Reply sent to Romain Beauxis <toots@rastageeks.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #54 received at 478573-close@bugs.debian.org (full text, mbox):

From: Romain Beauxis <toots@rastageeks.org>
To: 478573-close@bugs.debian.org
Subject: Bug#478573: fixed in peercast 0.1217.toots.20060314-1etch1
Date: Sat, 26 Jul 2008 09:57:49 +0000
Source: peercast
Source-Version: 0.1217.toots.20060314-1etch1

We believe that the bug you reported is fixed in the latest version of
peercast, which is due to be installed in the Debian FTP archive:

libpeercast0-dev_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch1_amd64.deb
libpeercast0_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch1_amd64.deb
peercast-handlers_0.1217.toots.20060314-1etch1_all.deb
  to pool/main/p/peercast/peercast-handlers_0.1217.toots.20060314-1etch1_all.deb
peercast-servent_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch1_amd64.deb
peercast_0.1217.toots.20060314-1etch1.diff.gz
  to pool/main/p/peercast/peercast_0.1217.toots.20060314-1etch1.diff.gz
peercast_0.1217.toots.20060314-1etch1.dsc
  to pool/main/p/peercast/peercast_0.1217.toots.20060314-1etch1.dsc
peercast_0.1217.toots.20060314-1etch1_amd64.deb
  to pool/main/p/peercast/peercast_0.1217.toots.20060314-1etch1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 478573@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Romain Beauxis <toots@rastageeks.org> (supplier of updated peercast package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 18 May 2008 03:28:44 +0200
Source: peercast
Binary: libpeercast0 peercast-handlers peercast-servent peercast libpeercast0-dev
Architecture: source amd64 all
Version: 0.1217.toots.20060314-1etch1
Distribution: stable-security
Urgency: low
Maintainer: Romain Beauxis <toots@rastageeks.org>
Changed-By: Romain Beauxis <toots@rastageeks.org>
Description: 
 libpeercast0 - P2P audio and video streaming server libraries
 libpeercast0-dev - P2P audio and video streaming server -- development
 peercast   - P2P audio and video streaming server metapackage
 peercast-handlers - P2P audio and video streaming handlers
 peercast-servent - P2P audio and video streaming servent
Closes: 478573
Changes: 
 peercast (0.1217.toots.20060314-1etch1) stable-security; urgency=low
 .
   * Fixed CVE-2008-2040:
     | stack-based buffer overflow in the
     | HTTP::getAuthUserPass function leading
     | to remote DoS or arbitrary code execution
     | if peercast is configured to use http-basic
     | authentication
     Closes: #478573
   Thanks to Nico Golde <nion@debian.org> for reporting and fixing
   the issue.
Files: 
 10e545471f649cd37409dc9cbfd7960a 1070 sound optional peercast_0.1217.toots.20060314-1etch1.dsc
 c7fc173230621f05137a6420a48b3347 7458 sound optional peercast_0.1217.toots.20060314-1etch1.diff.gz
 ac385ad05a69ba429c2e300920ff1192 6828 sound optional peercast-handlers_0.1217.toots.20060314-1etch1_all.deb
 0a0bd5ef6f4c6632d3f904100474f66a 2924 sound optional peercast_0.1217.toots.20060314-1etch1_amd64.deb
 d42cf469c93a79a328d7e8e31bc9c90c 50774 sound optional peercast-servent_0.1217.toots.20060314-1etch1_amd64.deb
 2378fddac9eea542ee891cb96d77b8d4 172136 libs optional libpeercast0_0.1217.toots.20060314-1etch1_amd64.deb
 53638a13906e1599c5938d067ffe729b 323944 libdevel optional libpeercast0-dev_0.1217.toots.20060314-1etch1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSDLETgC5aaocqV0ZAQIWmgf/Y3afdxpaURG/frqBCDTdqs5Bw2RD5GRJ
VqeCaWerXVnYAODF+Ao3nWfz5mpB4kZCwKLaaymONyX/0O14Yl4y3URJTAHjZxyr
ci8Vq8MGHwiOWUxLfbkBgf+eNtuXK6MN/lobPcAICusFgwz0ttDDfaqpvwF24kWM
534PxFdNbwofEMlY6XloJdf0N3X7NUwrWGx1ei4N66HH5KX4Ckycs1qdRsFqCsCo
2lcB1ew23byijfe4JlpX3ZAY1vUDBZSqDl9wEroZh5LIuih6XBnmAsy/RcEj8Do3
FgewdgSwsOfWiI9neYmM17+o01XQpSfjmlindHFPNwnK2BS5nw9JxQ==
=s9DG
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 16 Feb 2009 08:30:55 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 23:39:00 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.