From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Feb 3 20:41:54 2015 Return-Path: Delivered-To: freebsd-ports-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ADF59B51 for ; Tue, 3 Feb 2015 20:41:54 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7A839B8E for ; Tue, 3 Feb 2015 20:41:54 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id t13Kfspb043777 for ; Tue, 3 Feb 2015 20:41:54 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 197300] archivers/unzip: Port should be marked vulnerable to CVE-2014-9636 Date: Tue, 03 Feb 2015 20:41:54 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: rsimmons0@gmail.com X-Bugzilla-Status: New X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ehaupt@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Feb 2015 20:41:54 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197300 Bug ID: 197300 Summary: archivers/unzip: Port should be marked vulnerable to CVE-2014-9636 Product: Ports & Packages Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ehaupt@FreeBSD.org Reporter: rsimmons0@gmail.com Assignee: ehaupt@FreeBSD.org Flags: maintainer-feedback?(ehaupt@FreeBSD.org) Created attachment 152529 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=152529&action=edit patch for CVE-2014-9636 The port archivers/unzip is vulnerable to CVE-2014-9636. Further information is here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636 http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9636.html Here is the patch from upstream: http://www.info-zip.org/phpBB3/download/file.php?id=95&sid=95e98be32f791909977347bca032d3bc I have merged this patch with the previous extract.c patch into one. Attached is an patch that fixes the port. The message attached to the patch above is: ================= >From a9bfab5b52d08879bbc5e0991684b700127ddcff Mon Sep 17 00:00:00 2001 From: mancha Date: Mon, 3 Nov 2014 Subject: Info-ZIP UnZip buffer overflow By carefully crafting a corrupt ZIP archive with "extra fields" that purport to have compressed blocks larger than the corresponding uncompressed blocks in STORED no-compression mode, an attacker can trigger a heap overflow that can result in application crash or possibly have other unspecified impact. This patch ensures that when extra fields use STORED mode, the "compressed" and uncompressed block sizes match. --- Comment #1 from Bugzilla Automation --- Auto-assigned to maintainer ehaupt@FreeBSD.org -- You are receiving this mail because: You are the assignee for the bug.