FS#65971 - [bsdiff] [security] Unpatched integer range vulnerbilities
Attached to Project:
Arch Linux
Opened by Mingye Wang (arthur2e5) - Wednesday, 25 March 2020, 07:15 GMT
Last edited by Antonio Rojas (arojas) - Friday, 27 January 2023, 07:30 GMT
Opened by Mingye Wang (arthur2e5) - Wednesday, 25 March 2020, 07:15 GMT
Last edited by Antonio Rojas (arojas) - Friday, 27 January 2023, 07:30 GMT
|
Details
Description:
bsdiff (4.3-9) as currently packaged by Arch Linux is susceptible to a number of old vulnerbilities. Links to vulnerbilities and patches: * CVE-2014-9862. See https://security.freebsd.org/advisories/FreeBSD-SA-16:25.bsp for patch. * Integer overflow detected by ChromeOS fuzzer. See https://github.com/freebsd/freebsd/commit/d0260bc2831cae2689042b07f26b575bd6e5f65a for patch and https://android.googlesource.com/platform/external/bsdiff/+/6e40d9347586f0bc628295a0c581c95eeae0a234%5E%21/ for ChromeOS version. * Unnamed memory corruption in FreeBSD. See https://github.com/freebsd/freebsd/commit/59381119a4c0b13088daea263ddd543d9bba5a16#diff-e337a2befd51c9e5715355c2fcbab673 for patch and https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f for exploit. Steps to reproduce: See links. |
This task depends upon
Closed by Antonio Rojas (arojas)
Friday, 27 January 2023, 07:30 GMT
Reason for closing: Won't fix
Additional comments about closing: Removed from repos
Friday, 27 January 2023, 07:30 GMT
Reason for closing: Won't fix
Additional comments about closing: Removed from repos
Comment by
Mingye Wang (arthur2e5) -
Wednesday, 25 March 2020, 07:47 GMT
Duh, use
https://www.mail-archive.com/freebsd-security%40freebsd.org/msg06279.html
for the advisory instead.