r152 - in unstable/rt73/debian: . patches
benh at alioth.debian.org
Wed Jan 28 01:05:58 UTC 2009
Author: benh
Date: 2009-01-28 01:05:58 +0000 (Wed, 28 Jan 2009)
New Revision: 152
Added:
unstable/rt73/debian/patches/003_fix_probe_request_overflow.diff
Modified:
unstable/rt73/debian/changelog
Log:
Fixed buffer overflow vulnerability in processing of ad-hoc probe
requests (CVE-2009-0282) (closes: bug#512995)
Modified: unstable/rt73/debian/changelog
===================================================================
--- unstable/rt73/debian/changelog 2009-01-28 00:43:38 UTC (rev 151)
+++ unstable/rt73/debian/changelog 2009-01-28 01:05:58 UTC (rev 152)
@@ -1,3 +1,10 @@
+rt73 (1:1.0.3.6-cvs20080623-dfsg1-3) unstable; urgency=high
+
+ * Fixed buffer overflow vulnerability in processing of ad-hoc probe
+ requests (CVE-2009-0282) (closes: bug#512995)
+
+ -- Ben Hutchings <ben at decadent.org.uk> Wed, 28 Jan 2009 00:53:13 +0000
+
rt73 (1:1.0.3.6-cvs20080623-dfsg1-2) unstable; urgency=low
* Include upstream changelog in module source tarball. Closes: #487658.
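Review bot: The new changelog bullet states the fix but not where it lives. Naming debian/patches/003_fix_probe_request_overflow.diff and the touched file Module/sanity.c in the entry would let anyone auditing CVE-2009-0282 go from the changelog straight to the change.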
Added: unstable/rt73/debian/patches/003_fix_probe_request_overflow.diff
===================================================================
--- unstable/rt73/debian/patches/003_fix_probe_request_overflow.diff (rev 0)
+++ unstable/rt73/debian/patches/003_fix_probe_request_overflow.diff 2009-01-28 01:05:58 UTC (rev 152)
@@ -0,0 +1,14 @@
+Fixed buffer overflow vulnerability in processing of ad-hoc probe
+requests (CVE-2009-0282) (closes: bug#512995)
+
+--- rt73.orig/Module/sanity.c
++++ rt73/Module/sanity.c
+@@ -447,7 +447,7 @@
+
+ COPY_MAC_ADDR(pAddr2, pFrame->Hdr.Addr2);
+
+- if ((pFrame->Octet[0] != IE_SSID) || (pFrame->Octet[1] > MAX_LEN_OF_SSID))
++ if ((pFrame->Octet[0] != IE_SSID) || ((UCHAR)pFrame->Octet[1] > MAX_LEN_OF_SSID))
+ {
+ DBGPRINT(RT_DEBUG_TRACE, "PeerProbeReqSanity fail - wrong SSID IE(Type=%d,Len=%d)\n",pFrame->Octet[0],pFrame->Octet[1]);
+ return FALSE;
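Review bot: The (UCHAR) cast is applied only inside the comparison on the changed line, so the DBGPRINT two lines below still passes the uncast pFrame->Octet[1] to %d. If Octet[] is a signed char array, as the need for the cast suggests, the message will report a negative Len for exactly the frames this check is meant to reject. Consider reading the length byte once into a local UCHAR and using that for the comparison, the debug message, and any later use of the SSID length outside this hunk, so every consumer sees the same unsigned value. The patch header would also benefit from one sentence saying the length byte was previously compared as a signed value, since that is the reason the cast matters.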