Discussion:
Bug#941912: libsoup2.4: CVE-2019-17266
(too old to reply)
Salvatore Bonaccorso
2019-10-07 14:50:01 UTC
Permalink
Source: libsoup2.4
Version: 2.68.1-2
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/libsoup/issues/173

Hi,

The following vulnerability was published for libsoup2.4.

CVE-2019-17266[0]:
| libsoup through 2.68.1 has a heap-based buffer over-read because
| soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly
| check an NTLM message's length before proceeding with a memcpy.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-17266
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17266
[1] https://gitlab.gnome.org/GNOME/libsoup/issues/173

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
Claudio Saavedra
2019-10-09 11:00:01 UTC
Permalink
On Mon, 07 Oct 2019 16:43:28 +0200 Salvatore Bonaccorso <
Post by Salvatore Bonaccorso
Please adjust the affected versions in the BTS as needed.
I'm the libsoup maintainer. This bug affects libsoup from 2.65.1 until
2.68.1, previous versions are unaffected. I just uploaded upstream new
packages fixing this vulnerability for the 2.66 and 2.68 series (2.66.4
and 2.68.2, respectively).

Claudio
Salvatore Bonaccorso
2019-10-09 19:00:01 UTC
Permalink
Hi Claudio,
Post by Claudio Saavedra
On Mon, 07 Oct 2019 16:43:28 +0200 Salvatore Bonaccorso <
Post by Salvatore Bonaccorso
Please adjust the affected versions in the BTS as needed.
I'm the libsoup maintainer. This bug affects libsoup from 2.65.1 until
2.68.1, previous versions are unaffected. I just uploaded upstream new
packages fixing this vulnerability for the 2.66 and 2.68 series (2.66.4
and 2.68.2, respectively).
Thanks for this information, so I'm updating the tracker information.
While at it, I'm pretty sure
https://gitlab.gnome.org/GNOME/libsoup/issues/173 was previously
accessible, but now it is not anymore (I was wondering about the
reason).

Regards,
Salvatore
Claudio Saavedra
2019-10-10 08:00:01 UTC
Permalink
Post by Salvatore Bonaccorso
Thanks for this information, so I'm updating the tracker information.
Thank you.
Post by Salvatore Bonaccorso
While at it, I'm pretty sure
https://gitlab.gnome.org/GNOME/libsoup/issues/173 was previously
accessible, but now it is not anymore (I was wondering about the
reason).
I decided to mark it confidential considering the nature of the issue.
Feel free to contact me privately if you want/need to access it.

Claudio

Loading...