Message-ID: <8738bzu4zm.fsf@twoticketsplease.de>
Date: Wed, 10 Sep 2014 12:47:25 +0200
From: Moritz Heidkamp <moritz.heidkamp@...uta.com>
To: oss-security@...ts.openwall.com
Subject: CVE request for select() buffer overrun in CHICKEN Scheme on the Android platform

Hello,

I would like to request a CVE for a select() buffer overrun
vulnerability in CHICKEN Scheme on the Android platform. This is
basically the same issue as CVE-2012-6122 [1], thus the same workaround
applies: Set the maximum number of open files ulimit to a value lower
than or equal to FD_SETSIZE. Alternatively, apply the patch that fixes
the issue (see below).

Since the Android platform target was added fairly recently, the only
affected release versions are 4.9.0 and 4.9.0.1.

The issue is fixed by switching to POSIX poll() on Android, too. This
fix will be included in the upcoming release versions 4.9.0.2, 4.9.1,
4.10.0, and 5.0.

For the official announcement, see
http://lists.nongnu.org/archive/html/chicken-users/2014-08/msg00055.html

The patch on the discussion list is
http://lists.nongnu.org/archive/html/chicken-hackers/2014-08/msg00017.html
and it got applied as
http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=bbf5c1d5839970c17b37406155180853c325c710

A patch which changes the default to be POSIX poll() so that platforms
added in the future will be more likely not to be affected by this issue
is being discussed at
http://lists.nongnu.org/archive/html/chicken-hackers/2014-08/msg00019.html

Regards
Moritz

[1] Original announcement:
    http://lists.nongnu.org/archive/html/chicken-users/2012-06/msg00031.html
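
The workaround (open-files limit at or below FD_SETSIZE) and the fix (poll() instead of select()) described in the message above, sketched in C. This is an added example, not part of the original e-mail and not CHICKEN's own code; all helper names are hypothetical.

```c
/* Added example; helper names are hypothetical, not CHICKEN's own. */
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/select.h>
#include <unistd.h>

/* 1 if fd can be stored in an fd_set; FD_SET() on any other value writes
 * outside the fixed-size bitmap. */
int fd_fits_fd_set(int fd) { return fd >= 0 && fd < FD_SETSIZE; }

/* 1 if the soft open-files limit already keeps every fd below FD_SETSIZE. */
int nofile_limit_safe_for_select(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0) return 0;
    return rl.rlim_cur <= (rlim_t)FD_SETSIZE;
}

/* The workaround: lower the soft limit to FD_SETSIZE. Returns 0 on success. */
int clamp_nofile_to_fd_setsize(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0) return -1;
    if (rl.rlim_cur <= (rlim_t)FD_SETSIZE) return 0;
    rl.rlim_cur = FD_SETSIZE;
    return setrlimit(RLIMIT_NOFILE, &rl);
}

/* The fix: poll() takes the fd as a plain int in a caller-sized array, so
 * there is no FD_SETSIZE ceiling. Returns 1 readable, 0 timeout, -1 error. */
int wait_readable(int fd, int timeout_ms) {
    struct pollfd pfd = { .fd = fd, .events = POLLIN, .revents = 0 };
    int n = poll(&pfd, 1, timeout_ms);
    if (n < 0) return -1;
    if (n == 0) return 0;
    return (pfd.revents & (POLLIN | POLLHUP)) ? 1 : -1;
}

int main(void) {
    int p[2];
    if (pipe(p) != 0) return 1;
    if (write(p[1], "x", 1) != 1) return 1;
    /* Duplicate the read end to a number >= FD_SETSIZE, if the limit allows. */
    int hi = fcntl(p[0], F_DUPFD, FD_SETSIZE);
    int fd = hi >= 0 ? hi : p[0];
    printf("fd=%d fits_fd_set=%d readable=%d limit_safe=%d\n", fd,
           fd_fits_fd_set(fd), wait_readable(fd, 100),
           nofile_limit_safe_for_select());
    return 0;
}
```

Code that must keep using select() can call fd_fits_fd_set() before every FD_SET() and reject the descriptor otherwise.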

