Debian Bug report logs - #644614
multiple security issues in radvd 1.6

version graph

Package: radvd; Maintainer for radvd is Ghe Rivero <ghe@debian.org>; Source for radvd is src:radvd.

Reported by: Yves-Alexis Perez <corsac@debian.org>

Date: Fri, 7 Oct 2011 11:36:26 UTC

Severity: grave

Tags: security

Found in version 1.6-1

Fixed in versions radvd/1:1.8-1.1, radvd/1:1.1-3.1, radvd/1:1.6-1.1

Done: Yves-Alexis Perez <corsac@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Fri, 07 Oct 2011 11:36:29 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Ghe Rivero <ghe@debian.org>. (Fri, 07 Oct 2011 11:36:36 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: multiple security issues in radvd 1.6
Date: Fri, 07 Oct 2011 13:35:54 +0200
Package: radvd
Version: 1.6-1
Severity: grave
Tags: security
Justification: user security hole

Hey,

Solar Designer reported on http://seclists.org/oss-sec/2011/q4/30 that
multiple issues were found in radvd 1.8.1. Not all of them apply to
1.6-1 in squeeze or 1.8-1 in sid though.

As far as I can tell:

* CVE-2011-3601 (privilege escalation) is present in 1.8-1 but not in
  1.6-1 (no support for ND_OPT_DNSSL_INFORMATION in 1.6)
  Patch: https://github.com/reubenhwk/radvd/commit/9dfaaaf740ce784541e76e68de4ae04dce2c0921
* CVE-2011-3602 (arbitrary file overwrite) is present in both versions
  Patch: https://github.com/reubenhwk/radvd/commit/92e22ca23e52066da2258df8c76a2dca8a428bcc
* CVE-2011-3603 (failure to check privsep() errors) is present in both versions
  Patches: https://github.com/reubenhwk/radvd/commit/2c50375043186e133f15135f4c93ca964238ee60
           https://github.com/reubenhwk/radvd/commit/074816cd0b37aac7b3209987e6e998f0a847b275
           https://github.com/reubenhwk/radvd/commit/7dc53cc3b792775369bf0b2f053a3f4ed5d87e3d
* CVE-2011-3604 (buffer overreads) is present in both versions
  Patch: https://github.com/reubenhwk/radvd/commit/7de1b9abf87b747ee2611c0d2a94dfeee79878b4
* CVE-2011-3605 (denial of service in unicast mode) is present in both versions
  Patch:
  https://github.com/reubenhwk/radvd/commit/2591d0189257caeaae2057dfed0a260310497a61

I'm reporting only one bug for all the issues, which can be fixed by
uploading 1.8.2-1 to unstable. For squeeze, backporting the patches
should be fairly straightforward.

Please add CVE numbers in the changelog.

Regards,
-- 
Yves-Alexis

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash




Information forwarded to debian-bugs-dist@lists.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Fri, 07 Oct 2011 11:42:10 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Ghe Rivero <ghe@debian.org>. (Fri, 07 Oct 2011 11:42:15 GMT) Full text and rfc822 format available.

Message #10 received at 644614@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: 644614@bugs.debian.org
Subject: Re: [Secure-testing-team] Bug#644614: multiple security issues in radvd 1.6
Date: Fri, 07 Oct 2011 13:39:45 +0200
[Message part 1 (text/plain, inline)]
On ven., 2011-10-07 at 13:35 +0200, Yves-Alexis Perez wrote:
> I'm reporting only one bug for all the issues, which can be fixed by
> uploading 1.8.2-1 to unstable. For squeeze, backporting the patches
> should be fairly straightforward.
> 
And for unstable it might be sound to start using hardening flags (see
http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html and
http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags)

Regards,
-- 
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Fri, 07 Oct 2011 14:39:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Ghe Rivero <ghe@debian.org>. (Fri, 07 Oct 2011 14:39:05 GMT) Full text and rfc822 format available.

Message #15 received at 644614@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: secure-testing-team@lists.alioth.debian.org
Cc: 644614@bugs.debian.org, rt@rt.debian.org
Subject: [rt.debian.org #3440] Re: [Secure-testing-team] Bug#644614: multiple security issues in radvd 1.6
Date: Fri, 07 Oct 2011 16:38:10 +0200
[Message part 1 (text/plain, inline)]
On ven., 2011-10-07 at 13:35 +0200, Yves-Alexis Perez wrote:
> I'm reporting only one bug for all the issues, which can be fixed by
> uploading 1.8.2-1 to unstable. For squeeze, backporting the patches
> should be fairly straightforward.

Attached is an attempted debdiff for stable-security.

Regards,
-- 
Yves-Alexis
[radvd-1.6-1..1.6-1.1.diff (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Wed, 12 Oct 2011 13:03:22 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Ghe Rivero <ghe@debian.org>. (Wed, 12 Oct 2011 13:03:31 GMT) Full text and rfc822 format available.

Message #20 received at 644614@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: secure-testing-team@lists.alioth.debian.org
Cc: 644614@bugs.debian.org, rt@rt.debian.org
Subject: Re: [Secure-testing-team] [rt.debian.org #3440] Re: Bug#644614: multiple security issues in radvd 1.6
Date: Wed, 12 Oct 2011 15:00:48 +0200
[Message part 1 (text/plain, inline)]
On ven., 2011-10-07 at 16:38 +0200, Yves-Alexis Perez wrote:
> On ven., 2011-10-07 at 13:35 +0200, Yves-Alexis Perez wrote:
> > I'm reporting only one bug for all the issues, which can be fixed by
> > uploading 1.8.2-1 to unstable. For squeeze, backporting the patches
> > should be fairly straightforward.
> 
> Attached is an attempted debdiff for stable-security.
> 
An updated fix for CVE-2011-3603 is available at
https://github.com/reubenhwk/radvd/commit/7a1471b62da88373e8f4209d503307c5d841b81f

so I'll make an updated package for stable-security. 1.8.3 should be
released soon for the same reason.

Regards,
-- 
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Wed, 12 Oct 2011 14:00:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Ghe Rivero <ghe@debian.org>. (Wed, 12 Oct 2011 14:00:04 GMT) Full text and rfc822 format available.

Message #25 received at 644614@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: secure-testing-team@lists.alioth.debian.org
Cc: 644614@bugs.debian.org, rt@rt.debian.org
Subject: Re: [Secure-testing-team] [rt.debian.org #3440] Re: Bug#644614: multiple security issues in radvd 1.6
Date: Wed, 12 Oct 2011 15:56:46 +0200
[Message part 1 (text/plain, inline)]
On mer., 2011-10-12 at 15:00 +0200, Yves-Alexis Perez wrote:
> On ven., 2011-10-07 at 16:38 +0200, Yves-Alexis Perez wrote:
> > On ven., 2011-10-07 at 13:35 +0200, Yves-Alexis Perez wrote:
> > > I'm reporting only one bug for all the issues, which can be fixed by
> > > uploading 1.8.2-1 to unstable. For squeeze, backporting the patches
> > > should be fairly straightforward.
> > 
> > Attached is an attempted debdiff for stable-security.
> > 
> An updated fix for CVE-2011-3603 is available at
> https://github.com/reubenhwk/radvd/commit/7a1471b62da88373e8f4209d503307c5d841b81f
> 
> so I'll make an updated package for stable-security. 1.8.3 should be
> released soon for the same reason.

Here's the updated debdiff.
-- 
Yves-Alexis
[radvd_1.6-1_1.6-1.1.diff (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Fri, 14 Oct 2011 07:15:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Ghe Rivero <ghe@debian.org>. (Fri, 14 Oct 2011 07:15:05 GMT) Full text and rfc822 format available.

Message #30 received at 644614@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: secure-testing-team@lists.alioth.debian.org
Cc: 644614@bugs.debian.org, rt@rt.debian.org
Subject: Re: [Secure-testing-team] [rt.debian.org #3440] Re: Bug#644614: multiple security issues in radvd 1.6
Date: Fri, 14 Oct 2011 09:10:41 +0200
[Message part 1 (text/plain, inline)]
On mer., 2011-10-12 at 15:56 +0200, Yves-Alexis Perez wrote:
> On mer., 2011-10-12 at 15:00 +0200, Yves-Alexis Perez wrote:
> > On ven., 2011-10-07 at 16:38 +0200, Yves-Alexis Perez wrote:
> > > On ven., 2011-10-07 at 13:35 +0200, Yves-Alexis Perez wrote:
> > > > I'm reporting only one bug for all the issues, which can be fixed by
> > > > uploading 1.8.2-1 to unstable. For squeeze, backporting the patches
> > > > should be fairly straightforward.
> > > 
> > > Attached is an attempted debdiff for stable-security.
> > > 
> > An updated fix for CVE-2011-3603 is available at
> > https://github.com/reubenhwk/radvd/commit/7a1471b62da88373e8f4209d503307c5d841b81f
> > 
> > so I'll make an updated package for stable-security. 1.8.3 should be
> > released soon for the same reason.
> 
> Here's the updated debdiff.

Here's the debdiff for Lenny. Since I got no news from the maintainer, I
guess I'll prepare a 1.8.2 NMU with the 7a1471 patch backported for
unstable.

Regards,
-- 
Yves-Alexis
[radvd_1.1-3_1.1-3.1.diff (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Fri, 14 Oct 2011 21:30:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Ghe Rivero <ghe@debian.org>. (Fri, 14 Oct 2011 21:30:03 GMT) Full text and rfc822 format available.

Message #35 received at 644614@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: secure-testing-team@lists.alioth.debian.org
Cc: 644614@bugs.debian.org, rt@rt.debian.org
Subject: Re: [Secure-testing-team] [rt.debian.org #3440] Re: Bug#644614: multiple security issues in radvd 1.6
Date: Fri, 14 Oct 2011 23:26:56 +0200
[Message part 1 (text/plain, inline)]
On ven., 2011-10-14 at 09:10 +0200, Yves-Alexis Perez wrote:
> Here's the debdiff for Lenny. Since I got no news from the maintainer, I
> guess I'll prepare a 1.8.2 NMU with the 7a1471 patch backported for
> unstable. 

1.8.3 is out but that makes a diff a bit too huge for an NMU maybe.
Backporting only the relevant patch makes it a bit smaller, so here's
the debdiff I'm gonna upload to DELAYED/2.

Regards,
-- 
Yves-Alexis
[radvd_1.8-1_1.8-1.1.diff (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, inline)]

Reply sent to Yves-Alexis Perez <corsac@debian.org>:
You have taken responsibility. (Sun, 16 Oct 2011 21:51:05 GMT) Full text and rfc822 format available.

Notification sent to Yves-Alexis Perez <corsac@debian.org>:
Bug acknowledged by developer. (Sun, 16 Oct 2011 21:51:05 GMT) Full text and rfc822 format available.

Message #40 received at 644614-close@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: 644614-close@bugs.debian.org
Subject: Bug#644614: fixed in radvd 1:1.8-1.1
Date: Sun, 16 Oct 2011 21:48:05 +0000
Source: radvd
Source-Version: 1:1.8-1.1

We believe that the bug you reported is fixed in the latest version of
radvd, which is due to be installed in the Debian FTP archive:

radvd_1.8-1.1.diff.gz
  to main/r/radvd/radvd_1.8-1.1.diff.gz
radvd_1.8-1.1.dsc
  to main/r/radvd/radvd_1.8-1.1.dsc
radvd_1.8-1.1_amd64.deb
  to main/r/radvd/radvd_1.8-1.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 644614@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yves-Alexis Perez <corsac@debian.org> (supplier of updated radvd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 14 Oct 2011 23:28:02 +0200
Source: radvd
Binary: radvd
Architecture: source amd64
Version: 1:1.8-1.1
Distribution: unstable
Urgency: high
Maintainer: Ghe Rivero <ghe@debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description: 
 radvd      - Router Advertisement Daemon
Closes: 644614
Changes: 
 radvd (1:1.8-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * debian/patches: backport patches from upstream to fix various security
     issues:                                                     closes: #644614
     - 0001-set_interface_var-doesn-t-check-interface-name-and-b fix arbitrary
       file overwrite (CVE-2011-3602)
     - 0002-main-must-fail-on-privsep_init-errors-it-must-not-ru,
       0003-privsep_read_loop-should-return-on-unprivileged-daem and
       0004-Really-exit-on-privsep-init-failure fix failure to check return
       code of privilege dropping function (CVE-2011-3603)
     - 0005-process_ra-has-numerous-missed-len-checks.-It-leads- fix multiple
       buffer overreads (CVE-2011-3604)
     - 0006-removing-mdelay-in-unicast-only-case fix a denial of service
       (CVE-2011-3605)
     - 0007-checking-iface-name-more-carefully on top of
       0001-set_interface_var-doesn-t-check-interface-name-and-b
       (CVE-2011-3602)
Checksums-Sha1: 
 334f1bf7ab79f2fd6fac642bb8c085894b066db0 1632 radvd_1.8-1.1.dsc
 abdd106a8f01ed0b1e8b7f915e348e5eb19cd5f3 10738 radvd_1.8-1.1.diff.gz
 b7d3b7d144be29ae15e694f5db1c594ca94c1e15 76666 radvd_1.8-1.1_amd64.deb
Checksums-Sha256: 
 afe53c7dcee0f44549d58bf929e5d86ab1c33267051b679344442fa8f64cd9da 1632 radvd_1.8-1.1.dsc
 1434c12c5187cd950a61a24353cd35a86e4120741ca012145834a6af8777891d 10738 radvd_1.8-1.1.diff.gz
 a99866475ac0d4e6bb875cd06c5c5aa032d9d25c35858ed2b7d96ad8b311b120 76666 radvd_1.8-1.1_amd64.deb
Files: 
 465ccdfab9e50220c20ad9d90a28c8a0 1632 net optional radvd_1.8-1.1.dsc
 40d29fd64fd871ed6f382a76ea670bd2 10738 net optional radvd_1.8-1.1.diff.gz
 af80dd45f31c85faf615b1d4a417d04c 76666 net optional radvd_1.8-1.1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJOmKnRAAoJEDBVD3hx7wuoUvAQAJTuQa0ERwJPe7l4E73xA11S
5+cVcyOl41lXilwNYTuh8iAeZjxG0fT/Oq4Lh3wmwVGOjDYNGo4cE6LJUxGpQSj5
pUWCoHZQALc0Uh9jrlO8HqVD05270kRopU8bf6Nzcc59cywlLYtU9+6zols0M9j+
Sy4DsWSj4M7TAftrQf31xOAPUDtih13dx088I65RJ4NXTxEjj7bWTT77mcHKSHDJ
NZm/EHr1PIbM4gyyznxM3tDdqlTjtetElDP24XPnoA2i13XexQqpiN644gaDOr5y
bhX92xHSZmK54OwEJNk7isyHB6iDFRwTEg1Q1sm3vM13zB6vXUCWGEaBvCdQXLFV
B8OCulS//cL+bXxYzq8FkXoI2asrllT833dsH+eT1JsmOoF2iudZzTVPyxFBgKHx
TkSBssdR3wzTDoOVBtow6WiYxmdZfU1n0yLxpYC6mVAscE+JMSxE1Cv3fixc1wg1
DUtZkhT+kZ+4SNcpxSsHGLvuCzYFhyYJQrmvtx3PJkTo+2Mc3i1CEXmOMNTDP7UB
g+J0ZnXdAmEc7GIFVUyF8KNTnWdhHuNQVBuU+r6zKYrOlaEcV7RE+CJnuebHKKuA
9dACl8oJr5JvTFEMB4LNmJ/kcdA1/ggH3zb4RxOLJth2lyeCJYtuxoOe83e30foX
7mayde2gSBXiVdzzzXbd
=Wghb
-----END PGP SIGNATURE-----





Information forwarded to debian-bugs-dist@lists.debian.org, Ghe Rivero <ghe@debian.org>:
Bug#644614; Package radvd. (Mon, 17 Oct 2011 16:45:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Ghe Rivero <ghe@debian.org>. (Mon, 17 Oct 2011 16:45:03 GMT) Full text and rfc822 format available.

Message #45 received at 644614@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: secure-testing-team@lists.alioth.debian.org
Cc: 644614@bugs.debian.org, rt@rt.debian.org
Subject: Re: [Secure-testing-team] [rt.debian.org #3440] Re: Bug#644614: multiple security issues in radvd 1.6
Date: Mon, 17 Oct 2011 18:42:46 +0200
[Message part 1 (text/plain, inline)]
On ven., 2011-10-14 at 23:26 +0200, Yves-Alexis Perez wrote:
> On ven., 2011-10-14 at 09:10 +0200, Yves-Alexis Perez wrote:
> > Here's the debdiff for Lenny. Since I got no news from the maintainer, I
> > guess I'll prepare a 1.8.2 NMU with the 7a1471 patch backported for
> > unstable. 
> 
> 1.8.3 is out but that makes a diff a bit too huge for an NMU maybe.
> Backporting only the relevant patch makes it a bit smaller, so here's
> the debdiff I'm gonna upload to DELAYED/2.
> 
Fix for CVE-2011-3601 was missing so here's the debdiff to the -1.2 NMU,
just uploaded to unstable.

Regards,
-- 
Yves-Alexis
[radvd_1.8-1.1_1.8-1.2.diff (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, inline)]

Reply sent to Yves-Alexis Perez <corsac@debian.org>:
You have taken responsibility. (Fri, 28 Oct 2011 20:09:05 GMT) Full text and rfc822 format available.

Notification sent to Yves-Alexis Perez <corsac@debian.org>:
Bug acknowledged by developer. (Fri, 28 Oct 2011 20:09:05 GMT) Full text and rfc822 format available.

Message #50 received at 644614-close@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: 644614-close@bugs.debian.org
Subject: Bug#644614: fixed in radvd 1:1.1-3.1
Date: Fri, 28 Oct 2011 20:05:35 +0000
Source: radvd
Source-Version: 1:1.1-3.1

We believe that the bug you reported is fixed in the latest version of
radvd, which is due to be installed in the Debian FTP archive:

radvd_1.1-3.1.diff.gz
  to main/r/radvd/radvd_1.1-3.1.diff.gz
radvd_1.1-3.1.dsc
  to main/r/radvd/radvd_1.1-3.1.dsc
radvd_1.1-3.1_amd64.deb
  to main/r/radvd/radvd_1.1-3.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 644614@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yves-Alexis Perez <corsac@debian.org> (supplier of updated radvd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 14 Oct 2011 08:58:40 +0200
Source: radvd
Binary: radvd
Architecture: source amd64
Version: 1:1.1-3.1
Distribution: oldstable-security
Urgency: high
Maintainer: Ghe Rivero <ghe@debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description: 
 radvd      - Router Advertisement Daemon
Closes: 644614
Changes: 
 radvd (1:1.1-3.1) oldstable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * debian/patches: backport patches from upstream to fix various security
     issues:                                                     closes: #644614
     - 0001-set_interface_var-doesn-t-check-interface-name-and-b fix arbitrary
       file overwrite (CVE-2011-3602)
     - 0002-main-must-fail-on-privsep_init-errors-it-must-not-ru,
       0003-privsep_read_loop-should-return-on-unprivileged-daem and
       0004-Really-exit-on-privsep-init-failure fix failure to check return
       code of privilege dropping function (CVE-2011-3603)
     - 0005-process_ra-has-numerous-missed-len-checks.-It-leads- fix multiple
       buffer overreads (CVE-2011-3604)
     - 0006-removing-mdelay-in-unicast-only-case fix a denial of service
       (CVE-2011-3605)
     - 0007-checking-iface-name-more-carefully on top of
       0001-set_interface_var-doesn-t-check-interface-name-and-b
       (CVE-2011-3602)
Checksums-Sha1: 
 33839fdcf5c0f0d654351dc0a3e46cfd5bef0def 1594 radvd_1.1-3.1.dsc
 e630e53c32dbd070bd704a3d0920f340a05730ab 146946 radvd_1.1.orig.tar.gz
 2f2b875f3513944323895c47e8569102ec83912c 9566 radvd_1.1-3.1.diff.gz
 3bfd0bcd5c0b16521389756272924ac586cf997e 66766 radvd_1.1-3.1_amd64.deb
Checksums-Sha256: 
 e10a2f19665a29989a3fd7e335cc7d355c15a028976761aa3c37dfd5e13514ee 1594 radvd_1.1-3.1.dsc
 a51e32fb9c0a5e12c67111dfd8490e1629c35aabbf9306a451db1dc06505fe90 146946 radvd_1.1.orig.tar.gz
 19973d940213ba9ed16126cc83e0c0b6d08932db70484865588ca14b31ee59c8 9566 radvd_1.1-3.1.diff.gz
 7dbaf57c49b0b10c48d67e52d02232f2550b776cc139d687826a0aec89637c5f 66766 radvd_1.1-3.1_amd64.deb
Files: 
 e47b054f8e70b3b49e630082ad50f4be 1594 net optional radvd_1.1-3.1.dsc
 9ee449e4b89171432cb9e9100e0b5648 146946 net optional radvd_1.1.orig.tar.gz
 cce4f93df9545fe47c6aa3691974b51f 9566 net optional radvd_1.1-3.1.diff.gz
 ec33c6419e6bbee9d1b38286d6f0e8d1 66766 net optional radvd_1.1-3.1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJOncuSAAoJEDBVD3hx7wuoWE8P/jjnG7wBOgybjW+48uWSwNkZ
zoMZ38ujyhKRozSgyEMyF4lAYCs9uMh3MnRNoZDDicl47FYnuPVzu7OdfWcD7pX/
VAsBPlzDiPsuLR3KfvU7M3e8f4GNNVz4kR1ZXJEeynCz9KHnEIQftgCmKKQGHaXl
5B2v7eQLhhO2uGq1/MY6QHHO5Fur0SqFiwe/slM8C14uBZbMPDYVDrTJa634y6ty
xAMKIj6s8eFczLG5hL4Hw0WtXN65Zt2PCCRf0mDRIQbaQ82CfR9E16B+ZlfkaGqU
1syvkKAzqAmYPKCvGoHWwGdw0BaSXMglGRxkPoHThy7XpieqPP4L++n2HjxWc1ac
irFEjcrbuxYQ/jU5nAK+fMyEkiBcuOvcYlQBuwjcpPC0kf790nPabCXfUcqxlewL
u1RJp2Hsn/1dz+Xbj42yoLJQa6as4qdm20f5x/pAIxid5PJAxQEkDk2WXIR8sTFI
5giL+Ul9l/ZXGNJmgHqOnOYrIaTlavvWqkHV/CVJiUuFgt6hvPI80jvjYL5mDPPB
70aClawRtNUWY+9L2KOO0jicAHLKENS1NFB82eFFsKvA1LOYEuKy4E6CbTz2PbU0
fSOhzfh449Xl5LsEPSOeedRrGAl7dwIz1k08nS+S4Y4qhJYCjWyGDRJuiFUeWQCa
zrneQlI1IepddnQ4MX2q
=TJ+P
-----END PGP SIGNATURE-----





Reply sent to Yves-Alexis Perez <corsac@debian.org>:
You have taken responsibility. (Fri, 28 Oct 2011 20:09:07 GMT) Full text and rfc822 format available.

Notification sent to Yves-Alexis Perez <corsac@debian.org>:
Bug acknowledged by developer. (Fri, 28 Oct 2011 20:09:07 GMT) Full text and rfc822 format available.

Message #55 received at 644614-close@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: 644614-close@bugs.debian.org
Subject: Bug#644614: fixed in radvd 1:1.6-1.1
Date: Fri, 28 Oct 2011 20:05:42 +0000
Source: radvd
Source-Version: 1:1.6-1.1

We believe that the bug you reported is fixed in the latest version of
radvd, which is due to be installed in the Debian FTP archive:

radvd_1.6-1.1.diff.gz
  to main/r/radvd/radvd_1.6-1.1.diff.gz
radvd_1.6-1.1.dsc
  to main/r/radvd/radvd_1.6-1.1.dsc
radvd_1.6-1.1_amd64.deb
  to main/r/radvd/radvd_1.6-1.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 644614@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yves-Alexis Perez <corsac@debian.org> (supplier of updated radvd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 12 Oct 2011 15:52:53 +0200
Source: radvd
Binary: radvd
Architecture: source amd64
Version: 1:1.6-1.1
Distribution: stable-security
Urgency: high
Maintainer: Ghe Rivero <ghe@debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description: 
 radvd      - Router Advertisement Daemon
Closes: 644614
Changes: 
 radvd (1:1.6-1.1) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * debian/patches: backport patches from upstream to fix various security
     issues:                                                     closes: #644614
     - 0001-set_interface_var-doesn-t-check-interface-name-and-b fix arbitrary
       file overwrite (CVE-2011-3602)
     - 0002-main-must-fail-on-privsep_init-errors-it-must-not-ru,
       0003-privsep_read_loop-should-return-on-unprivileged-daem and
       0004-Really-exit-on-privsep-init-failure fix failure to check return
       code of privilege dropping function (CVE-2011-3603)
     - 0005-process_ra-has-numerous-missed-len-checks.-It-leads- fix multiple
       buffer overreads (CVE-2011-3604)
     - 0006-removing-mdelay-in-unicast-only-case fix a denial of service
       (CVE-2011-3605)
     - 0007-checking-iface-name-more-carefully on top of
       0001-set_interface_var-doesn-t-check-interface-name-and-b
       (CVE-2011-3602)
Checksums-Sha1: 
 40d4aebcf9f4d52d932413041423fdce7a55bd29 1593 radvd_1.6-1.1.dsc
 3f6f1afeab6bfc35a464e6ef6f76ae00cc285d32 150545 radvd_1.6.orig.tar.gz
 bd9488a9820935fbe168a3014eecac283a985155 10505 radvd_1.6-1.1.diff.gz
 19726767b1d772fb85880b13244bfcea4def3934 74260 radvd_1.6-1.1_amd64.deb
Checksums-Sha256: 
 15b4ebee07c235efb5d7216893d5d7e78687d928b9509ca802ca21fc882e4734 1593 radvd_1.6-1.1.dsc
 59c20e31a0085ded29a7a6ea9479170d72fdfb4902c878ee8144127dd77a2102 150545 radvd_1.6.orig.tar.gz
 997d14e7670f0404f48d33dcb06f363f02386f5a296d319037810920b08577f2 10505 radvd_1.6-1.1.diff.gz
 e66b43bdb3bcaa2e79d5a8ed17791a64b02515e52a702b7d045f7dd2d92e4c82 74260 radvd_1.6-1.1_amd64.deb
Files: 
 7c42868cf3e8a64270d8168ea5932c49 1593 net optional radvd_1.6-1.1.dsc
 987e0660d68b4501b24dc5a068cea83c 150545 net optional radvd_1.6.orig.tar.gz
 2cb1efbceba06dde0e79325aa341e5e7 10505 net optional radvd_1.6-1.1.diff.gz
 bb2905a5fd4fe6165124812a3342566b 74260 net optional radvd_1.6-1.1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJOnctbAAoJEDBVD3hx7wuo5WgQAN2Uvwy+BqXFf1pUI0FqpV/I
OEcEsS/kqG1F01fXguS3PXLcM4bonveHqStmu2yDOq/Xtjxq/KT+8Aq6Oot+TR+r
uvTrZUDFb+CdCNxYxvU/mHO+E7jpSYqiZ1RbLSgtsjRNFeCo+7oo78xVXs5Xspty
qz4cRqnoUYSgRIBCSUlKbsIIQ4Zx4et1uD0a3YBlyELx//cc+KuB5IrfHHMh/qkb
vWuoKamZeDtNsTOsiR/7om5bcIbmhJIad+ZO8R9cALEuJS/UrGZvSV7sX2H4P/rz
zxvaMEMCU6Ail5uHZ3ttdmJbkhGR3QQqQzHCVsd41HZ9VgHiKKzV0gZlY2K3aDaZ
pSQXQPTHEe1EnKtXz2BaZlTM4MTAK9XvgxjRdKubrz7kNuvXkn4+u8wtw69tgpyo
NssUNnGrykbLkMQBs335kvfwaX2qKBkGQqZmFLERQXaEShMb8/Trn7RY0wEykn1A
g7pu59iiJ2O7ea/78w64oQB+0Vj9PxJMHGlh5x7aj/t4UN+nUbq/nSDg7Ads6/Gx
ExKz58+4YKl5ziMVPzsbqi9jWkvJU+liRHYnoIhDon3eH5iNFqLvJds4QB6r15ez
d8xUTx+0Yt5xfvy+xoCKovNzfE4pccPZzRMTBvWn0pUqrTPm/MGtYDz59lOCGkjR
10Q24AHlT9x2/iVWZcme
=Lfq7
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 26 Nov 2011 07:32:51 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 16:35:41 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.