Ubuntu
kvirc package

CVE-2010-2451, CVE-2010-2452 Multiple vulnerabilities in DCC

Bug #601702 reported by Andreas Wenning on 2010-07-04

262

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	kvirc (Ubuntu)	Fix Released	Undecided	Unassigned
	Jaunty	Fix Released	Medium	Unassigned
	Karmic	Fix Released	Medium	Unassigned
	Lucid	Fix Released	Medium	Unassigned
	Maverick	Fix Released	Undecided	Unassigned

Bug Description

Binary package hint: kvirc

From the Debian advisory http://www.debian.org/security/2010/dsa-2065 :
Two security issues have been discovered in the DCC protocol support code of kvirc, a KDE-based next generation IRC client, which allow the overwriting of local files through directory traversal and the execution of arbitrary code through a format string attack.

Already fixed in 4.0.0~rc3 in maverick.

Related branches

lp:ubuntu/jaunty-security/kvirc

lp:ubuntu/lucid-updates/kvirc

lp:ubuntu/karmic-updates/kvirc

CVE References

Andreas Wenning (andreas-wenning) on 2010-07-04

visibility:

private → public

Andreas Wenning (andreas-wenning) on 2010-07-04

Changed in kvirc (Ubuntu Maverick):
status:	New → Fix Released
Changed in kvirc (Ubuntu Lucid):
status:	New → In Progress
Changed in kvirc (Ubuntu Karmic):
status:	New → In Progress
Changed in kvirc (Ubuntu Jaunty):
status:	New → In Progress

Revision history for this message

Andreas Wenning (andreas-wenning) wrote on 2010-07-05:

#1

kvirc_4.0.0~svn3900+rc2-1ubuntu0.1.debdiff Edit (26.6 KiB, text/plain)

Patches prepared for lucid, karmic and jaunty. All have been tested in a chroot of the release to which they are prepared for.

Debdiff for lucid

Revision history for this message

Andreas Wenning (andreas-wenning) wrote on 2010-07-05:

#2

kvirc_4.0.0~svn3240-1ubuntu0.1.debdiff Edit (24.0 KiB, text/plain)

Debdiff for karmic

Revision history for this message

Andreas Wenning (andreas-wenning) wrote on 2010-07-05:

#3

kvirc_4.0.0~svn3039-0ubuntu2.1.debdiff Edit (23.4 KiB, text/plain)

And debdiff for jaunty

Changed in kvirc (Ubuntu Lucid):
status:	In Progress → Confirmed
Changed in kvirc (Ubuntu Jaunty):
status:	In Progress → Confirmed
Changed in kvirc (Ubuntu Karmic):
status:	In Progress → Confirmed

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-07-06:

#4

ACK for jaunty - lucid. Thanks Andreas!

Changed in kvirc (Ubuntu Lucid):
status:	Confirmed → Fix Committed
importance:	Undecided → Medium
Changed in kvirc (Ubuntu Jaunty):
status:	Confirmed → Fix Committed
importance:	Undecided → Medium
Changed in kvirc (Ubuntu Karmic):
status:	Confirmed → Fix Committed
importance:	Undecided → Medium

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-07-07:

#5

This bug was fixed in the package kvirc - 4:4.0.0~svn3900+rc2-1ubuntu0.1

---------------
kvirc (4:4.0.0~svn3900+rc2-1ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: Two security issues have been discovered in the DCC
    protocol support code of kvirc, a KDE-based next generation IRC client,
    which allow the overwriting of local files through directory traversal
    and the execution of arbitrary code through a format string attack.
    - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
      - Patch based on upstream SVN revision 4317.
    - CVE-2010-2451, CVE-2010-2452:
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
    - LP: #601702
-- Andreas Wenning <email address hidden> Mon, 05 Jul 2010 00:42:47 +0200

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-07-07:

#6

This bug was fixed in the package kvirc - 4:4.0.0~svn3240-1ubuntu0.1

---------------
kvirc (4:4.0.0~svn3240-1ubuntu0.1) karmic-security; urgency=low

  * SECURITY UPDATE: Two security issues have been discovered in the DCC
    protocol support code of kvirc, a KDE-based next generation IRC client,
    which allow the overwriting of local files through directory traversal
    and the execution of arbitrary code through a format string attack.
    - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
      - Patch based on upstream SVN revision 4317.
    - CVE-2010-2451, CVE-2010-2452:
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
    - LP: #601702
-- Andreas Wenning <email address hidden> Mon, 05 Jul 2010 00:41:51 +0200

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-07-07:

#7

This bug was fixed in the package kvirc - 4:4.0.0~svn3039-0ubuntu2.1

---------------
kvirc (4:4.0.0~svn3039-0ubuntu2.1) jaunty-security; urgency=low

  * SECURITY UPDATE: Two security issues have been discovered in the DCC
    protocol support code of kvirc, a KDE-based next generation IRC client,
    which allow the overwriting of local files through directory traversal
    and the execution of arbitrary code through a format string attack.
    - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
      - Patch based on upstream SVN revision 4317.
    - CVE-2010-2451, CVE-2010-2452:
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
    - LP: #601702
-- Andreas Wenning <email address hidden> Mon, 05 Jul 2010 00:45:44 +0200

Changed in kvirc (Ubuntu Jaunty):
status:	Fix Committed → Fix Released
Changed in kvirc (Ubuntu Karmic):
status:	Fix Committed → Fix Released
Changed in kvirc (Ubuntu Lucid):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.