r149 - in unstable/rt2400/debian: . patches

benh at alioth.debian.org benh at alioth.debian.org
Wed Jan 28 00:26:57 UTC 2009 

Author: benh
Date: 2009-01-28 00:26:57 +0000 (Wed, 28 Jan 2009)
New Revision: 149

Added:
   unstable/rt2400/debian/patches/001_fix_probe_request_overflow.diff
Modified:
   unstable/rt2400/debian/changelog
   unstable/rt2400/debian/patches/series
Log:
Fixed buffer overflow vulnerability in processing of ad-hoc probe
requests (CVE-2009-0282) (closes: bug#512999)


Modified: unstable/rt2400/debian/changelog
===================================================================
--- unstable/rt2400/debian/changelog	2008-09-03 00:17:33 UTC (rev 148)
+++ unstable/rt2400/debian/changelog	2009-01-28 00:26:57 UTC (rev 149)
@@ -1,3 +1,10 @@
+rt2400 (1.2.2+cvs20080623-3) unstable; urgency=high
+
+  * Fixed buffer overflow vulnerability in processing of ad-hoc probe
+    requests (CVE-2009-0282) (closes: bug#512999)
+
+ -- Ben Hutchings <ben at decadent.org.uk>  Wed, 28 Jan 2009 00:23:31 +0000
+
 rt2400 (1.2.2+cvs20080623-2) unstable; urgency=low
 
   * Modified 000_if_name.diff to apply at -p1 (closes: bug#485258)

Added: unstable/rt2400/debian/patches/001_fix_probe_request_overflow.diff
===================================================================
--- unstable/rt2400/debian/patches/001_fix_probe_request_overflow.diff	                        (rev 0)
+++ unstable/rt2400/debian/patches/001_fix_probe_request_overflow.diff	2009-01-28 00:26:57 UTC (rev 149)
@@ -0,0 +1,14 @@
+Fix buffer overflow vulnerability in processing of ad-hoc probe
+requests (CVE-2009-0282) (closes: bug#512999)
+
+--- rt2400.orig/Module/sanity.c
++++ rt2400/Module/sanity.c
+@@ -389,7 +389,7 @@
+ 
+     COPY_MAC_ADDR(Addr2, &Fr->Hdr.Addr2);
+ 
+-    if (Fr->Octet[0] != IE_SSID || Fr->Octet[1] > MAX_LEN_OF_SSID)
++    if (Fr->Octet[0] != IE_SSID || (UCHAR)Fr->Octet[1] > MAX_LEN_OF_SSID)
+     {
+         DBGPRINT(RT_DEBUG_TRACE, "PeerProbeReqSanity fail - wrong SSID IE\n");
+         return FALSE;

Modified: unstable/rt2400/debian/patches/series
===================================================================
--- unstable/rt2400/debian/patches/series	2008-09-03 00:17:33 UTC (rev 148)
+++ unstable/rt2400/debian/patches/series	2009-01-28 00:26:57 UTC (rev 149)
@@ -1 +1,2 @@
 000_if_name.diff
+001_fix_probe_request_overflow.diff

More information about the Pkg-ralink-commits mailing list