Import Debian changes 1.0.14-1~bpo60+1

tinc (1.0.14-1~bpo60+1) squeeze-backports; urgency=low

  * Rebuild for squeeze-backports.

tinc (1.0.14-1) unstable; urgency=low

  * New upstream release.
  * Bump Standards-Version.
This commit is contained in:
Guus Sliepen 2011-06-07 09:35:50 +00:00
commit f01c927470
54 changed files with 1604 additions and 789 deletions

13
debian/changelog vendored
View file

@ -1,8 +1,15 @@
tinc (1.0.13-1+squeeze1) squeeze-security; urgency=high
tinc (1.0.14-1~bpo60+1) squeeze-backports; urgency=low
* Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
* Rebuild for squeeze-backports.
-- Guus Sliepen <guus@debian.org> Fri, 12 Apr 2013 20:40:15 +0000
-- Guus Sliepen <guus@debian.org> Tue, 07 Jun 2011 09:35:50 +0000
tinc (1.0.14-1) unstable; urgency=low
* New upstream release.
* Bump Standards-Version.
-- Guus Sliepen <guus@debian.org> Mon, 09 May 2011 00:25:37 +0200
tinc (1.0.13-1) unstable; urgency=low

2
debian/control vendored
View file

@ -2,7 +2,7 @@ Source: tinc
Section: net
Priority: optional
Maintainer: Guus Sliepen <guus@debian.org>
Standards-Version: 3.8.4
Standards-Version: 3.9.2
Build-Depends: libssl-dev, debhelper (>= 7.0.50~), gettext, texi2html, texinfo, zlib1g-dev, liblzo2-dev
Homepage: http://www.tinc-vpn.org/

View file

@ -1,31 +0,0 @@
From 17a33dfd95b1a29e90db76414eb9622df9632320 Mon Sep 17 00:00:00 2001
From: Guus Sliepen <guus@tinc-vpn.org>
Date: Fri, 12 Apr 2013 17:15:05 +0200
Subject: [PATCH] Drop packets forwarded via TCP if they are too big
(CVE-2013-1428).
Normally all requests sent via the meta connections are checked so that they
cannot be larger than the input buffer. However, when packets are forwarded via
meta connections, they are copied into a packet buffer without checking whether
it fits into it. Since the packet buffer is allocated on the stack, this in
effect allows an authenticated remote node to cause a stack overflow.
This issue was found by Martin Schobert.
---
src/net_packet.c | 3 +++
1 file changed, 3 insertions(+)
Index: tinc-1.0.13/src/net_packet.c
===================================================================
--- tinc-1.0.13.orig/src/net_packet.c 2010-03-13 17:53:33.000000000 +0000
+++ tinc-1.0.13/src/net_packet.c 2013-04-12 20:34:17.395183282 +0000
@@ -347,6 +347,9 @@
void receive_tcppacket(connection_t *c, char *buffer, int len) {
vpn_packet_t outpkt;
+ if(len > sizeof outpkt.data)
+ return;
+
outpkt.len = len;
if(c->options & OPTION_TCPONLY)
outpkt.priority = 0;

View file

@ -1 +0,0 @@
fix-CVE-2013-1428