[Bug 1084279] Re: buffer overflow crash in libgcrypt when open files > 1024
Launchpad Bug Tracker
1084279 at bugs.launchpad.net
Wed Nov 27 22:22:13 UTC 2013
This bug was fixed in the package libgcrypt11 - 1.5.3-2ubuntu1
---------------
libgcrypt11 (1.5.3-2ubuntu1) trusty; urgency=low
* Merge from Debian unstable. Remaining changes:
- no-global-init-thread-callbacks.diff: Do not call global_init when
setting thread callbacks
libgcrypt11 (1.5.3-2) unstable; urgency=low
* Convert to dh and move building of ps and html docs to
override_dh_auto_build-indep. Enable parallel building.
libgcrypt11 (1.5.3-1) unstable; urgency=high
* New upstream bugfix release. (CVE-2013-4242)
libgcrypt11 (1.5.2-3) unstable; urgency=low
* Install libgcrypt.a and libgcrypt.so to /usr.
* [15_multiarchpath_in_-L.diff] Do not print -L/lib/i386-linux-gnu on
"libgcrypt-config --libs".
* Use debhelper v9 mode. This allows us to mark libgcrypt11-dbg Multi-Arch:
same.
libgcrypt11 (1.5.2-2) unstable; urgency=low
* Upload to unstable.
* Fix vcs-field-not-canonical lintian error by refering to anonscm instead
of svn.debian.org.
* Update info in debian/copyright from upstream's README, fixing typo 'teh'.
* Delete some outdated and unused code in debian/rules.
libgcrypt11 (1.5.2-1) experimental; urgency=low
* New upstream version.
+ IDEA support added.
* Move list of supported algorithms to a separate paragraph in description
to decrease work-load of translators. Closes: #640261
* Move TeX-packages from b-d to Build-Depends-Indep. (Thanks, P. J.
McDermott) Closes: #682597
libgcrypt11 (1.5.1-1) experimental; urgency=low
* Point watchfile to stable release.
* New upstream version.
* Drop superfluous patches:
29_Fix-a-problem-with-select-and-high-fds.patch
30_Avoid-dereferencing-pointer-right-after-the-end.patch
31_Fix-segv-with-AES-NI-on-some-platforms.patch
32_libgcrypt-1.5-rinjdael-Fix-use-of-SSE2-outside-USE_A.patch
* Bump version gcry_control at GCRYPT_1.2 in debian/libgcrypt11.symbols from
1.4.5 to 1.5.1 since its argument enum has a new member.
libgcrypt11 (1.5.0-5) unstable; urgency=low
* While we are at it also pick
29_Fix-a-problem-with-select-and-high-fds.patch
LP: #1084279
libgcrypt11 (1.5.0-4) unstable; urgency=low
* Pull patches from upstream LIBGCRYPT-1-5-BRANCH:
30_Avoid-dereferencing-pointer-right-after-the-end.patch
31_Fix-segv-with-AES-NI-on-some-platforms.patch
<https://bugs.g10code.com/gnupg/issue1452> LP: #1105758
32_libgcrypt-1.5-rinjdael-Fix-use-of-SSE2-outside-USE_A.patch
Closes: #699034
-- Seth Arnold <seth.arnold at canonical.com> Wed, 27 Nov 2013 10:36:27 -0800
** Changed in: libgcrypt11 (Ubuntu)
Status: Triaged => Fix Released
** Bug watch added: GnuPG Bugs #1452
https://bugs.g10code.com/gnupg/issue1452
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4242
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libgcrypt11 in Ubuntu.
https://bugs.launchpad.net/bugs/1084279
Title:
buffer overflow crash in libgcrypt when open files > 1024
Status in “libgcrypt11” package in Ubuntu:
Fix Released
Bug description:
I am running JBoss with my open files set to > 1024 and when one of my
Java classes tries to access the printers it talks to libcups which
uses libgnutls which uses libgcrypt. However, libgcrypt has some code
that is calling FD_SET on a file descriptor but that gets reported as
a buffer overflow because the file descriptor has a value of 1053
which is greater than the FD_SETSIZE define of 1024. This bug was
fixed in libgcrypt in September 2011 but does not appear in the
patched version of libgcrypt11 1.5.0 in Ubuntu 12.04.
The git commit in libgcrypt that fixes the problem is
061b11de60415e228f33599270d66aafe4b88d72 and can be viewed at:
http://git.gnupg.org/cgi-
bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=061b11de60415e228f33599270d66aafe4b88d72
I submitted the crash (I think it's not entirely clear to me it did
anything) using ubuntu-bug which I guess went to the whoopsie database
or something.
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libgcrypt11 1.5.0-3ubuntu0.1
ProcVersionSignature: Ubuntu 3.2.0-27.43-generic 3.2.21
Uname: Linux 3.2.0-27-generic x86_64
ApportVersion: 2.0.1-0ubuntu11
Architecture: amd64
Date: Wed Nov 28 17:57:12 2012
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
MarkForUpload: True
ProcEnviron:
LANGUAGE=en_US:
TERM=xterm-256color
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: libgcrypt11
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libgcrypt11/+bug/1084279/+subscriptions
More information about the foundations-bugs
mailing list