[FUG-BR] Fw: FreeBSD Security Advisory FreeBSD-SA-07:04.file

Joao Rocha Braga Filho goffredo em gmail.com
Quarta Maio 23 14:45:50 BRT 2007


On 5/23/07, Marcio Antunes <mantunes.listas at gmail.com> wrote:
> Aproveitando ..
>
> Se eu baixar o FreeBSD da pagina oficial, ele ja vem com essa correção ou não..

A versão release não virá, mas se fizer um cvsup dos fontes virá a
correção.


João Rocha.

>
> Márcio
>
> 2007/5/23, irado furioso com tudo <irado at hotpop.com>:
> >
> > bem.. se todo mundo já souber, esqueçam e desculpem
> >
> >
> > Iníciando encaminhamento de mensagem:
> >
> > Data: Wed, 23 May 2007 16:19:55 GMT
> > De: FreeBSD Security Advisories <security-advisories at freebsd.org>
> > Para: Bugtraq <bugtraq at securityfocus.com>
> > Assunto: FreeBSD Security Advisory FreeBSD-SA-07:04.file
> >
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > =============================================================================
> > FreeBSD-SA-07:04.file                                       Security
> > Advisory The FreeBSD Project
> >
> > Topic:          Heap overflow in file(1)
> >
> > Category:       contrib
> > Module:         file
> > Announced:      2007-05-23
> > Affects:        All FreeBSD releases.
> > Corrected:      2007-05-23 16:12:51 UTC (RELENG_6, 6.2-STABLE)
> >                 2007-05-23 16:13:07 UTC (RELENG_6_2, 6.2-RELEASE-p5)
> >                 2007-05-23 16:13:20 UTC (RELENG_6_1, 6.1-RELEASE-p17)
> >                 2007-05-23 16:12:10 UTC (RELENG_5, 5.5-STABLE)
> >                 2007-05-23 16:12:35 UTC (RELENG_5_5, 5.5-RELEASE-p13)
> > CVE Name:       CVE-2007-1536
> >
> > For general information regarding FreeBSD Security Advisories,
> > including descriptions of the fields above, security branches, and the
> > following sections, please visit <URL:http://security.FreeBSD.org/>.
> >
> > I.   Background
> >
> > The file(1) utility attempts to classify file system objects based on
> > filesystem, magic number and language tests.
> >
> > The libmagic(3) library provides most of the functionality of file(1)
> > and may be used by other applications.
> >
> > II.  Problem Description
> >
> > When writing data into a buffer in the file_printf function, the length
> > of the unused portion of the buffer is not correctly tracked, resulting
> > in a buffer overflow when processing certain files.
> >
> > III. Impact
> >
> > An attacker who can cause file(1) to be run on a maliciously constructed
> > input can cause file(1) to crash.  It may be possible for such an
> > attacker to execute arbitrary code with the privileges of the user
> > running file(1).
> >
> > The above also applies to any other applications using the libmagic(3)
> > library.
> >
> > IV.  Workaround
> >
> > No workaround is available, but systems where file(1) and other
> > libmagic(3)-using applications are never run on untrusted input are not
> > vulnerable.
> >
> > V.   Solution
> >
> > Perform one of the following:
> >
> > 1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the
> > RELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the
> > correction date.
> >
> > 2) To patch your present system:
> >
> > The following patches have been verified to apply to FreeBSD 5.5, 6.1,
> > and 6.2 systems.
> >
> > a) Download the relevant patch from the location below, and verify the
> > detached PGP signature using your PGP utility.
> >
> > [FreeBSD 5.5]
> > # fetch http://security.FreeBSD.org/patches/SA-07:04/file5.patch
> > # fetch http://security.FreeBSD.org/patches/SA-07:04/file5.patch.asc
> >
> > [FreeBSD 6.1 and 6.2]
> > # fetch http://security.FreeBSD.org/patches/SA-07:04/file6.patch
> > # fetch http://security.FreeBSD.org/patches/SA-07:04/file6.patch.asc
> >
> > b) Execute the following commands as root:
> >
> > # cd /usr/src
> > # patch < /path/to/patch
> > # cd /usr/src/lib/libmagic
> > # make obj && make depend && make && make install
> >
> > VI.  Correction details
> >
> > The following list contains the revision numbers of each file that was
> > corrected in FreeBSD.
> >
> > Branch
> > Revision Path
> > -
> > -------------------------------------------------------------------------
> > RELENG_5 src/contrib/file/file.h
> > 1.1.1.7.2.1 src/contrib/file/funcs.c
> > 1.1.1.1.2.1 src/contrib/file/magic.c
> > 1.1.1.1.2.1 RELENG_5_5
> >   src/UPDATING
> > 1.342.2.35.2.13
> > src/sys/conf/newvers.sh                                  1.62.2.21.2.15
> > src/contrib/file/file.h                                     1.1.1.7.8.1
> > src/contrib/file/funcs.c                                    1.1.1.1.8.1
> > src/contrib/file/magic.c                                    1.1.1.1.8.1
> > RELENG_6 src/contrib/file/file.h
> > 1.1.1.8.2.1 src/contrib/file/funcs.c
> > 1.1.1.2.2.1 src/contrib/file/magic.c
> > 1.1.1.2.2.1 RELENG_6_2
> >   src/UPDATING
> > 1.416.2.29.2.8
> > src/sys/conf/newvers.sh                                   1.69.2.13.2.8
> > src/contrib/file/file.h                                     1.1.1.8.8.1
> > src/contrib/file/funcs.c                                    1.1.1.2.8.1
> > src/contrib/file/magic.c                                    1.1.1.2.8.1
> > RELENG_6_1 src/UPDATING
> > 1.416.2.22.2.19
> > src/sys/conf/newvers.sh                                  1.69.2.11.2.19
> > src/contrib/file/file.h                                     1.1.1.8.6.1
> > src/contrib/file/funcs.c                                    1.1.1.2.6.1
> > src/contrib/file/magic.c                                    1.1.1.2.6.1
> > -
> > -------------------------------------------------------------------------
> >
> > VII. References
> >
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
> >
> > The latest revision of this advisory is available at
> > http://security.FreeBSD.org/advisories/FreeBSD-SA-07:04.file.asc
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.7 (FreeBSD)
> >
> > iD8DBQFGVGjhFdaIBMps37IRAgogAJ9o/0yCxtRi527rgvhg/BoC/AvEsQCfcwMX
> > ABl7JIb1XiY6QKWQ6UfwlGA=
> > =meQ0
> > -----END PGP SIGNATURE-----
> >
> >
> > --
> > saudações,
> > irado furioso com tudo
> > Linux User 179402/FreeBSD BSD50853/FUG-BR 154
> > Não uso drogas - 100% Miko$hit-free
> > Tudo o que Existe egressa do Ser e regressa ao Ser. O Ser é o
> > Insondável Tao. Das profundezas do Ser nascem todos os seres que
> > existem. O Ser, porém, é o abismo do Não-Existir.
> > -------------------------
> > Histórico: http://www.fug.com.br/historico/html/freebsd/
> > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
> >
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>


-- 
"Sempre se apanha mais com as menores besteiras. Experiência própria."

goffredo at goffredo.eti.br
goffredo at gmail.com
http://www.goffredo.eti.br


Mais detalhes sobre a lista de discussão freebsd