Acknowledgement sent
to Jonathan Neuschäfer <j.neuschaefer@gmx.net>:
New Bug report received and forwarded. Copy sent to j.neuschaefer@gmx.net, max@musicpd.org, team@security.debian.org, Sebastian Harl <tokkee@debian.org>.
(Tue, 03 Apr 2018 14:51:07 GMT) (full text, mbox, link).
Package: ncmpc
Version: 0.27-1
Severity: normal
Tags: patch security
Hi,
Ncmpc can be crashed when the user uses the chat screen and another
client sends a long chat message, due to a NULL pointer dereference.
I have a patch that fixes this for v0.27 (currently in Debian) and v0.29
(newest upstream release). The bug is fixed in upstream's master branch.
I tagged this report as "security"-related, because the client can be
crashed by the actions of another client, but I don't think this allows
anything more serious than a NULL pointer derefence (probably no RCE).
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, mips, armhf, armel
Kernel: Linux 4.15.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages ncmpc depends on:
ii libc6 2.27-2
ii libglib2.0-0 2.56.0-4
ii liblirc-client0 0.10.0-2+b1
ii libmpdclient2 2.11-1
ii libncursesw5 6.1-1
ii libtinfo5 6.1-1
ncmpc recommends no packages.
Versions of packages ncmpc suggests:
ii mpd 0.20.18-1
pn ncmpc-lyrics <none>
-- no debconf information
Marked as found in versions ncmpc/0.24-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Tue, 03 Apr 2018 19:51:08 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Sebastian Harl <tokkee@debian.org>: Bug#894724; Package ncmpc.
(Wed, 04 Apr 2018 04:57:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Sebastian Harl <tokkee@debian.org>.
(Wed, 04 Apr 2018 04:57:04 GMT) (full text, mbox, link).
To: Jonathan Neusch??fer <j.neuschaefer@gmx.net>, 894724@bugs.debian.org
Subject: Re: Bug#894724: ncmpc: Crash in chat screen when another client
sends a long line
Date: Wed, 4 Apr 2018 06:54:43 +0200
Control: retitle -1 ncmpc: CVE-2018-9240: Crash in chat screen when another client sends a long line
Hi Jonathan,
On Tue, Apr 03, 2018 at 04:48:23PM +0200, Jonathan Neusch??fer wrote:
> I tagged this report as "security"-related, because the client can be
> crashed by the actions of another client, but I don't think this allows
> anything more serious than a NULL pointer derefence (probably no RCE).
MITRE has assigned CVE-2018-9240 for this issue.
Regards,
Salvatore
Changed Bug title to 'ncmpc: CVE-2018-9240: Crash in chat screen when another client sends a long line' from 'ncmpc: Crash in chat screen when another client sends a long line'.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 894724-submit@bugs.debian.org.
(Wed, 04 Apr 2018 04:57:04 GMT) (full text, mbox, link).
Added tag(s) pending.
Request was from Florian Schlichting <fsfs@debian.org>
to control@bugs.debian.org.
(Mon, 07 Jan 2019 22:45:04 GMT) (full text, mbox, link).
Reply sent
to Geoffroy Youri Berret <efrim@azylum.org>:
You have taken responsibility.
(Mon, 14 Jan 2019 22:51:03 GMT) (full text, mbox, link).
Notification sent
to Jonathan Neuschäfer <j.neuschaefer@gmx.net>:
Bug acknowledged by developer.
(Mon, 14 Jan 2019 22:51:03 GMT) (full text, mbox, link).
Source: ncmpc
Source-Version: 0.33-1
We believe that the bug you reported is fixed in the latest version of
ncmpc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 894724@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Geoffroy Youri Berret <efrim@azylum.org> (supplier of updated ncmpc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 07 Jan 2019 14:55:41 +0100
Source: ncmpc
Binary: ncmpc ncmpc-lyrics
Architecture: source amd64 all
Version: 0.33-1
Distribution: unstable
Urgency: medium
Maintainer: mpd maintainers <pkg-mpd-maintainers@lists.alioth.debian.org>
Changed-By: Geoffroy Youri Berret <efrim@azylum.org>
Description:
ncmpc - ncurses-based audio player
ncmpc-lyrics - ncurses-based audio player (lyrics plugins)
Closes: 894724896059902699916731
Changes:
ncmpc (0.33-1) unstable; urgency=medium
.
* Enable pgpmode in watch file, add upstream signing key
* New upstream release.
- Fix "CVE-2018-9240 (Closes: #894724)
- Fix "segfault on bad connection" (Closes: #902699)
- Fix "Defaults to non-policy-compliant configuration
file" (Closes: #896059)
* Update standards version to 4.3.0.
Update debhelper to compat 12
Update upstream Homepage
* Update d/rules to build with meson.
Switch from menu to XDG Desktop file
* Refactored copyright (dep-5 machine-interpretable format)
* Takeover for the mpd-team (Closes: #916731)
* Register html manual with doc-base
Checksums-Sha1:
2409c04e1484f7e85973d651eee046248824872c 2342 ncmpc_0.33-1.dsc
b5bcb49069c6a89e7d05644cecda244c7da4d1be 226344 ncmpc_0.33.orig.tar.xz
32878b37a378c1a3607ae82dd789e702f41f5ef4 879 ncmpc_0.33.orig.tar.xz.asc
9aa6c7d4881bd09d0734ba700be5972cc7ed2a7c 16344 ncmpc_0.33-1.debian.tar.xz
da69f11f76c636ce008f9f01a46fd0d35a2791f4 4774620 ncmpc-dbgsym_0.33-1_amd64.deb
d4a341c28e6c56a8a10e49934adb612836e2c131 13932 ncmpc-lyrics_0.33-1_all.deb
94350fdccb2e4d17e2162c574d090b81f3390251 7996 ncmpc_0.33-1_amd64.buildinfo
aea68d77c2b126c0f727f5e17a550b51925fd5b9 283788 ncmpc_0.33-1_amd64.deb
Checksums-Sha256:
54d82f9cb50c2e1d6dd23990d132c54d46f668badccf089f4c0418c4b0f2bbb8 2342 ncmpc_0.33-1.dsc
94e04a34854015aa013b43ec15b578f4541d077cf7ae5bf7c0944475673fd7a5 226344 ncmpc_0.33.orig.tar.xz
dc067705e2396cb405bba3d7a1ffdc1fa9db2787cea58476736f483ac17a5d9d 879 ncmpc_0.33.orig.tar.xz.asc
a9465edb56a39a5c24421bf69471c91a884a9d7e1b60e9c29321b0f38a6592e0 16344 ncmpc_0.33-1.debian.tar.xz
41e5b71c1f7b0b3451b9774cc3a9bd271c8c0f7bda229ef6bc1b7b639375b3c6 4774620 ncmpc-dbgsym_0.33-1_amd64.deb
cf30431c1dd95e4e49a6a9d12f7b22a7dfa23c4df1d14bb17309dd90b800bf04 13932 ncmpc-lyrics_0.33-1_all.deb
26b4c7c6f448cdce742ac75297a99a181b9029102b6d45c72cab5657137c9357 7996 ncmpc_0.33-1_amd64.buildinfo
613f0f8940a547191b5a026cc6749dc366dffa13a1febae69ed701ec09762927 283788 ncmpc_0.33-1_amd64.deb
Files:
a56902d82a975f7afcfc881cafc4a0da 2342 sound optional ncmpc_0.33-1.dsc
166394cf1ab645de219bd1d525930343 226344 sound optional ncmpc_0.33.orig.tar.xz
8b51e78d4e7aba28ac96363508837be8 879 sound optional ncmpc_0.33.orig.tar.xz.asc
42001ea07b36b52bf4359e4279386a84 16344 sound optional ncmpc_0.33-1.debian.tar.xz
59007c558ff2baec4d2d47ff4f290bfa 4774620 debug optional ncmpc-dbgsym_0.33-1_amd64.deb
eb0c101afb516168b2d4addcff15c8c7 13932 sound optional ncmpc-lyrics_0.33-1_all.deb
a4128e12201e33eb9189ed6d53c470b5 7996 sound optional ncmpc_0.33-1_amd64.buildinfo
9e0587783ce1078e0d863904842c9a3d 283788 sound optional ncmpc_0.33-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEMLI8i05qOwnqprZSEpc7bnLcB7UFAlwzzDYACgkQEpc7bnLc
B7WroQ/7B1rWidi4Pn21bC/4qSk/VCeceTGqeiuC4nM3mqk5H7F09fnWqQ7WuzYe
Biay54BSGQKEuqk9XY948gF5ytxgHh6WPz7ngDwTlDn/7n83ix1mukQs3+u2EbXb
5mCS6SYuJKMrGOKV9caQIHoXOym4HTnKnUclZjC0YEJ0G7jNLu5spk8954bfoKb1
FeaqHWb8jJie7bqph4ES6+annR67L5NJWVNlR1hdiWPIeDy3ZWSoSMIVEHgsfCGm
MML1M6R7YO3sPz5uNvwWtNrm7DooVUZRJ/LCpkb8y4zsVUulK7LXTle2DnRFjxnX
C/b91/yVfe6skYfw1zPuRpqDSKZBEIuLXXCtvgpnl4RAeqBcEjnv08BG4uZ6VOpE
DBF7xmpVv9t5kA4HJk0UheUuFbJ4eK2QTBs/98GXeg+FIpaJKIkxu/+QcplvLqUA
snxHR2AloOFH+MiKn07at7uTwLJlXQE3i0dbIxbdLoKbsoiVlXdkOOZn8q4Q4uNC
yD4yx09hT4xt4rUt6pTtVSyUtE4OebrUtutwAg4KNudFPbZ4T6kbr62MnXG/ZFiY
uQwPXhOBCsb6NCSCqlbgVV76x9bJVqvQoUIerCyCoabnaasBDj40FdlHyQjhaid1
RnfjbjohB89iO21S1OjcN74RNxQKGhnV6MfsHsosyMM5laob4Vk=
=OJrE
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 18 Feb 2019 07:26:42 GMT) (full text, mbox, link).
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.