openSUSE Bugs October 2010

bugs@lists.opensuse.org

1 participants
4353 discussions

[Bug 597673] New: fetchmail: DoS in -v -v mode in multibyte
by bugzilla_noreply＠novell.com 02 Apr '20

02 Apr '20

http://bugzilla.novell.com/show_bug.cgi?id=597673 http://bugzilla.novell.com/show_bug.cgi?id=597673#c0 Summary: fetchmail: DoS in -v -v mode in multibyte Classification: openSUSE Product: openSUSE 11.3 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: puzel(a)novell.com ReportedBy: lnussel(a)novell.com QAContact: qa(a)suse.de CC: security-team(a)suse.de Found By: Other Blocker: --- Your friendly security team received the following report via oss-security. Please respond ASAP. The issue is public. Factory only sufficient ------------------------------------------------------------------------------ Date: Sun, 18 Apr 2010 18:58:30 +0200 From: "Matthias Andree" <matthias.andree(a)gmx.de> Subject: [oss-security] CVE request: fetchmail 4.6.3...6.3.16 DoS in -v -v mode in multibyte locales on invalid input Please assign a CVE id for the issue described below. (Best viewed in non-proportional font with 8 space tabs): Draft announcement: - DRAFT - XXX - DRAFT - fetchmail-SA-2010-02: Denial of service in debug mode w/ multichar locales Topics: Denial of service in debug output. Author: Matthias Andree Version: 0.1 XXX Announced: XXX Type: malloc() Buffer overrun with printable characters Impact: Denial of service. Danger: low CVE Name: CVE-2010-XXXX CVSSv2: XXX URL: http://www.fetchmail.info/fetchmail-SA-2010-02.txt Project URL: http://www.fetchmail.info/ Affects: fetchmail releases 4.6.3 up to and including 6.3.16 Not affected: fetchmail release 6.3.17 and newer Corrected: 2010-04-18 Git (XXX) 0. Release history ================== 2010-04-18 0.1 first draft (visible in SVN and through oss-security) XXX 1. Background ============= fetchmail is a software package to retrieve mail from remote POP2, POP3, IMAP, ETRN or ODMR servers and forward it to local SMTP, LMTP servers or message delivery agents. It supports SSL and TLS security layers through the OpenSSL library, if enabled at compile time and if also enabled at run time. 2. Problem description and Impact ================================= In debug mode (-v -v), fetchmail prints information that was obtained from the upstream server (POP3 UIDL lists) or from message headers retrieved from it. If printing such information fails, for instance because there are invalid multibyte character sequences in this information (message headers), fetchmail will misinterpret this condition, and believe that the buffer was too small, and reallocate a bigger one (with linearly increasing buffer size), and repeat, until the allocation fails. At that point, fetchmail will abort. Note that the "Affects:" line above may be inaccurate, and it may be that versions before 5.6.6 are actually unaffected. The author was unable to compile such old fetchmail versions to verify the existence of the bug. Given that other security issues are present in such versions, those should not be used, and the wider version range was listed as vulnerable to err towards the safe. 3. Solution =========== There are two alternatives, either of them by itself is sufficient: a. Apply the patch found in section B of this announcement to fetchmail 6.3.14 or newer, recompile and reinstall it. b. Install fetchmail 6.3.17 or newer after it will have become available. The fetchmail source code is always available from <http://developer.berlios.de/project/showfiles.php?group_id=1824>. 4. Workaround ============= Run fetchmail with at most one -v (--verbose) option. A. Copyright, License and Warranty ================================== (C) Copyright 2010 by Matthias Andree, <matthias.andree(a)gmx.de>. Some rights reserved. This work is licensed under the Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 Germany License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/de/ or send a letter to Creative Commons 171 Second Street Suite 300 SAN FRANCISCO, CALIFORNIA 94105 USA THIS WORK IS PROVIDED FREE OF CHARGE AND WITHOUT ANY WARRANTIES. Use the information herein at your own risk. B. Patch to remedy the problem ============================== Note that when taking this from a GnuPG clearsigned file, the lines starting with a "-" character are prefixed by another "- " (dash + blank) combination. Either feed this file through GnuPG to strip them, or strip them manually. You may want to use the "-p1" flag to patch. Whitespace differences can usually be ignored by invoking "patch -l", so try this if the patch does not apply. diff --git a/rfc822.c b/rfc822.c index 6f2dbf3..dbcda32 100644 --- a/rfc822.c +++ b/rfc822.c @@ -25,6 +25,7 @@ MIT license. Compile with -DMAIN to build the demonstrator. #include <stdlib.h> #include "fetchmail.h" +#include "sdump.h" #ifndef MAIN #include "i18n.h" @@ -74,9 +75,10 @@ char *reply_hack( } #ifndef MAIN - if (outlevel >= O_DEBUG) - report_build(stdout, GT_("About to rewrite %.*s...\n"), - (int)BEFORE_EOL(buf), buf); + if (outlevel >= O_DEBUG) { + report_build(stdout, GT_("About to rewrite %s...\n"), (cp = sdump(buf, BEFORE_EOL(buf)))); + xfree(cp); + } /* make room to hack the address; buf must be malloced */ for (cp = buf; *cp; cp++) @@ -211,9 +213,12 @@ char *reply_hack( } #ifndef MAIN - if (outlevel >= O_DEBUG) - report_complete(stdout, GT_("...rewritten version is %.*s.\n"), - (int)BEFORE_EOL(buf), buf); + if (outlevel >= O_DEBUG) { + report_complete(stdout, GT_("...rewritten version is %s.\n"), + (cp = sdump(buf, BEFORE_EOL(buf)))); + xfree(cp) + } + #endif /* MAIN */ *length = strlen(buf); return(buf); diff --git a/uid.c b/uid.c index fdc6f5d..d813bee 100644 --- a/uid.c +++ b/uid.c @@ -20,6 +20,7 @@ #include "fetchmail.h" #include "i18n.h" +#include "sdump.h" /* * Machinery for handling UID lists live here. This is mainly to support @@ -260,8 +261,11 @@ void initialize_saved_lists(struct query *hostlist, const char *idfile) if (uidlcount) { report_build(stdout, GT_("Scratch list of UIDs:")); - for (idp = scratchlist; idp; idp = idp->next) - report_build(stdout, " %s", idp->id); + for (idp = scratchlist; idp; idp = idp->next) { + char *t = sdump(idp->id, strlen(idp->id)); + report_build(stdout, " %s", t); + free(t); + } if (!idp) report_build(stdout, GT_(" <empty>")); report_complete(stdout, "\n"); @@ -517,8 +521,11 @@ void uid_swap_lists(struct query *ctl) report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname); else report_build(stdout, GT_("New UID list from %s:"), ctl->server.pollname); - for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next) - report_build(stdout, " %s = %d", idp->id, idp->val.status.mark); + for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next) { + char *t = sdump(idp->id, strlen(idp->id)); + report_build(stdout, " %s = %d", t, idp->val.status.mark); + free(t); + } if (!idp) report_build(stdout, GT_(" <empty>")); report_complete(stdout, "\n"); @@ -567,8 +574,11 @@ void uid_discard_new_list(struct query *ctl) /* this is now a merged list! the mails which were seen in this * poll are marked here. */ report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname); - for (idp = ctl->oldsaved; idp; idp = idp->next) - report_build(stdout, " %s = %d", idp->id, idp->val.status.mark); + for (idp = ctl->oldsaved; idp; idp = idp->next) { + char *t = sdump(idp->id, strlen(idp->id)); + report_build(stdout, " %s = %d", t, idp->val.status.mark); + free(t); + } if (!idp) report_build(stdout, GT_(" <empty>")); report_complete(stdout, "\n"); -- Matthias Andree -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 4

[Bug 536564] New: Packages creating user accounts do not select UID
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

http://bugzilla.novell.com/show_bug.cgi?id=536564 Summary: Packages creating user accounts do not select UID Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: All OS/Version: Linux Status: NEW Severity: Minor Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: jengelh(a)medozas.de QAContact: qa(a)suse.de Found By: Beta-Customer Some packages, such as openssh, do explicitly specify a UID/GID when creating its users/groups: /usr/sbin/groupadd -g 65 -o -r sshd 2>/dev/null || :; On the other hand, the hal package does not: /usr/sbin/groupadd -r haldaemon 2>/dev/null || : So, which is correct? Should not hal also use a fixed ID? There are many packages belonging to the latter category. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 8

[Bug 518238] New: openSSH chroot security settings faulty
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

http://bugzilla.novell.com/show_bug.cgi?id=518238 Summary: openSSH chroot security settings faulty Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: marcus(a)swedcore.net QAContact: qa(a)suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.11) Gecko/2009060200 SUSE/3.0.11-0.1.1 Firefox/3.0.11 Whenever i tried to setup a chroot environment with OpenSSH the security settings for the user folder must be root or OpenSSH doesn't work, the only solution for now is to either create subfolders in the users chroot folder where the user can have write permissions or land them one step up in the hierarchy and thus making them see other chroot folder which is not good. I followed this Wiki page to the letter: http://en.opensuse.org/Openssh#SFTP_chroot_with_ChrootDirectory I have Swedish community users trying to set this up to with same result as me. This thread takes up the same issue: http://marc.info/?l=openssh-unix-dev&m=122640731518850&w=2 But the solution mentioned there is not acceptable because as it stats on the Wiki you make one folder the chroot folder and then mapping the users home folder relative to the chroot folder, in this scenario the users should get write permissions to his own folder, but that is not possible, thus breaking the functionality intended. So the question is, is this a bug or is it designed to act like this? Reproducible: Always Steps to Reproduce: Done accordingly to this wiki entry: http://en.opensuse.org/OpenSSH Actual Results: Gets a read only home folder root Expected Results: Getting a writable home folder, where they can create on folder and upload files directly to the root of their home folder. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 6

[Bug 638893] New: /usr/share/doc/packages/openssh/README.SuSE update wanted
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=638893 https://bugzilla.novell.com/show_bug.cgi?id=638893#c0 Summary: /usr/share/doc/packages/openssh/README.SuSE update wanted Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: anicka(a)novell.com ReportedBy: ke(a)novell.com QAContact: qa(a)suse.de Found By: Documentation Blocker: --- Please, update /usr/share/doc/packages/openssh/README.SuSE. I guess, by now we can remove 9.1 and earlier items. Also please remove the opener (Dear ...) and the closer (Your team). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 2

[Bug 530885] New: sshd fails to honour /etc/nologin presence when ssh keys used during login
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

http://bugzilla.novell.com/show_bug.cgi?id=530885 Summary: sshd fails to honour /etc/nologin presence when ssh keys used during login Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Major Priority: P5 - None Component: Security AssignedTo: security-team(a)suse.de ReportedBy: liam.gretton(a)leicester.ac.uk QAContact: qa(a)suse.de Found By: --- User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 With the pam module pam_nologin in use, all non-root logins are supposed to be prevented if the file /etc/nologin exists. SSH fails to prevent user logins if /etc/nologin exists and the user authenticates with a key. Authentications with a password are successfully prevented, as expected. Reproducible: Always Steps to Reproduce: 1. Add pam_nologin to /etc/pam.d/login: auth requisite pam_nologin.so 2. Create /etc/nologin 3. Log in via SSH with a password. Login will be correctly prevented. 4. Log in via SSH with a key. Login is successful. Actual Results: SSH login with a key is not prevented by pam_nologin. Expected Results: SSH login with a key should be prevented by pam_nologin when /etc/nologin is present. openssh-5.1p1-40.15 pam-1.0.2-13.4 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 12

[Bug 506831] New: /etc/init.d/sshd: incorrect usage of daemonstartproc ?
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

http://bugzilla.novell.com/show_bug.cgi?id=506831 Summary: /etc/init.d/sshd: incorrect usage of daemonstartproc ? Classification: openSUSE Product: openSUSE 11.2 Version: Milestone 1 Platform: Other OS/Version: Other Status: NEW Severity: Minor Priority: P5 - None Component: Other AssignedTo: anicka(a)novell.com ReportedBy: puzel(a)novell.com QAContact: qa(a)suse.de Found By: Development # /etc/init.d/sshd restart Shutting down SSH daemon Starting SSH daemonstartproc: option -p does not work in force mode sshd daemon seems to work OK, though. reproducible: always -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 2

[Bug 625552] New: openssh: inprove recommendation in "REMOTE HOST IDENTIFICATION HAS CHANGED" message
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

http://bugzilla.novell.com/show_bug.cgi?id=625552 http://bugzilla.novell.com/show_bug.cgi?id=625552#c0 Summary: openssh: inprove recommendation in "REMOTE HOST IDENTIFICATION HAS CHANGED" message Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Minor Priority: P5 - None Component: Basesystem AssignedTo: anicka(a)novell.com ReportedBy: sbrabec(a)novell.com QAContact: qa(a)suse.de Found By: --- Blocker: --- When remote host identification changes, following message appears: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is ................ Please contact your system administrator. Add correct host key in /home/sbrabec/.ssh/known_hosts to get rid of this message. Offending key in /home/sbrabec/.ssh/known_hosts:1 RSA host key for ben has changed and you have requested strict checking. Host key verification failed. Following the message and opened known_hosts file, I found just an ASCII noise. Well, I tried to delete line 1 (guessing from the error message) and got this message: The authenticity of host 'foo (...)' can't be established. RSA key fingerprint is ............ Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'foo' (RSA) to the list of known hosts. Warning: the RSA host key for foo' differs from the key for the IP address '...' Offending key for IP in /home/sbrabec/.ssh/known_hosts:1 Are you sure you want to continue connecting (yes/no)? yes It would be nice to change the messsage and offer ssh-keygen -R or so. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 7

[Bug 536505] New: rrdtool graph has some problems with vertical auto-scaling
by bugzilla_noreply＠novell.com 09 Dec '19

09 Dec '19

http://bugzilla.novell.com/show_bug.cgi?id=536505 Summary: rrdtool graph has some problems with vertical auto-scaling Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: All OS/Version: SLES 10 Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: Ulrich.Windl(a)rz.uni-regensburg.de QAContact: qa(a)suse.de Found By: --- Created an attachment (id=316589) --> (http://bugzilla.novell.com/attachment.cgi?id=316589) Example with --rigid: No y scale displayed User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.21) Gecko/20090410 SUSE/1.1.16-1.1.2 SeaMonkey/1.1.16 (Found in current version of SLES10 SP2, rrdtool-1.2.12-13.2) Specific values (like all between 17.7 and 17.8) cause rrdtool's graph to autoscale the values at a range of 10 to 20, making actual variations practically invisible. There are other intervals where similar problems arise, like [42.0:42.2] where the scale is [40:50]. The --alt-autoscale improves the scaling, but has a problem with not enough numeric labels for the y-axis being shown, just as --rigid does. The author of the tool said the current version is much better regarding those issues. Reproducible: Sometimes Steps to Reproduce: 1. Create graphs with automatic scaling where the values vary a little bit around some undetermined value Actual Results: Some graphs are not good enough to show the variations. Expected Results: The vertical scale should respect the range of values more that it currently does. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 7

[Bug 606436] New: Incorrect VTY charset?
by bugzilla_noreply＠novell.com 09 May '19

09 May '19

http://bugzilla.novell.com/show_bug.cgi?id=606436 http://bugzilla.novell.com/show_bug.cgi?id=606436#c0 Summary: Incorrect VTY charset? Classification: openSUSE Product: openSUSE 11.3 Version: Milestone 6 Platform: All OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: nice(a)titanic.nyme.hu QAContact: qa(a)suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/5332 (KHTML, like Gecko) Chrome/5.0.342.9 Safari/533.2 I installed openSUSE 11.3 Milestone 6 in the hungarian language. Interestingly when using the text-mode virtual terminals, (at least) two letters of the hungarian alphabet are displayed incorrectly: I get õ instead of ő, and û instead of ű. This is the same as displaying a hungarian text file (written in iso-8859-2) using iso-8859-1. Isn't it unicode? Or are just the characters wrongly positioned in the charset table? Also see: http://bugzilla.novell.com/show_bug.cgi?id=605575 Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 10

[Bug 500134] New: on checksumm errors yast2 software management produces non-informative message
by bugzilla_noreply＠novell.com 14 Feb '19

14 Feb '19

http://bugzilla.novell.com/show_bug.cgi?id=500134 Summary: on checksumm errors yast2 software management produces non-informative message Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: i686 OS/Version: openSUSE 11.1 Status: NEW Severity: Minor Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: grey-olli(a)ya.ru QAContact: jsrain(a)novell.com Found By: --- Created an attachment (id=289482) --> (http://bugzilla.novell.com/attachment.cgi?id=289482) 1st time the problem found User-Agent: Opera/9.64 (X11; Linux i686; U; en) Presto/2.1.1 On start of software management repository refresh is started. If checksumm is wrong for a file related to the repository the resulting message doesn't inform to which repository it relates. So if you've a few repositories installed the message is non-informative. Reproducible: Always Expected Results: Should at least tell to which repository the problem relates. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 9

Jump to page:

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openSUSE Bugs October 2010