rpms/aircrack-ng/devel aircrack-ng-1683-CVE-2010-1159.patch, NONE, 1.1 import.log, NONE, 1.1 aircrack-ng.spec, 1.33, 1.34 aircrack-ng-tarball, 1.2, NONE
Rakesh Pandit
rakesh at fedoraproject.org
Sat May 29 12:42:07 UTC 2010
- Previous message: rpms/clamav/devel clamav-0.96-pdf.patch, NONE, 1.1 import.log, NONE, 1.1 clamav.spec, 1.104, 1.105 ChangeLog-rpm.old, 1.1, NONE lastver, 1.11, NONE verinfo, 1.3, NONE
- Next message: rpms/kernel/devel iwlwifi-fix-internal-scan-race.patch, NONE, 1.1.2.2 iwlwifi-fix-scan-races.patch, NONE, 1.1.2.1 iwlwifi-recalculate-average-tpt-if-not-current.patch, NONE, 1.1.2.2 iwlwifi-recover_from_tx_stall.patch, NONE, 1.1.2.2 keys-find-keyring-by-name-can-gain-access-to-the-freed-keyring.patch, NONE, 1.1.2.1 patch-2.6.32.14.bz2.sign, NONE, 1.1.2.1 .cvsignore, 1.1014.2.44, 1.1014.2.45 kernel.spec, 1.1294.2.104, 1.1294.2.105 linux-2.6-utrace.patch, 1.107.6.9, 1.107.6.10 sources, 1.976.2.45, 1.976.2.46 upstream, 1.888.2.44, 1.888.2.45 xen.pvops.patch, 1.1.2.67, 1.1.2.68 btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch, 1.1.2.1, NONE iwlwifi_-clear-all-the-stop_queue-flag-after-load-firmware.patch, 1.1.2.1, NONE patch-2.6.32.13.bz2.sign, 1.1.2.1, NONE revert-ath9k_-fix-lockdep-warning-when-unloading-module.patch, 1.1.2.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rakesh
Update of /cvs/pkgs/rpms/aircrack-ng/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv3554/devel
Modified Files:
aircrack-ng.spec
Added Files:
aircrack-ng-1683-CVE-2010-1159.patch import.log
Removed Files:
aircrack-ng-tarball
Log Message:
CVE-2010-1159 aircrack-ng: remote denial of service RH bug #582416
aircrack-ng-1683-CVE-2010-1159.patch:
aircrack-ng.c | 4 ++--
airdecap-ng.c | 4 ++--
airodump-ng.c | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
--- NEW FILE aircrack-ng-1683-CVE-2010-1159.patch ---
--- aircrack-ng-1.0.org/src/aircrack-ng.c 2010-05-29 18:05:44.032316723 +0530
+++ aircrack-ng-1.0/src/aircrack-ng.c 2010-05-29 18:21:06.637313207 +0530
@@ -1533,7 +1533,7 @@
st_cur->wpa.eapol_size = ( h80211[z + 2] << 8 )
+ h80211[z + 3] + 4;
- if ((int)pkh.len - z < st_cur->wpa.eapol_size )
+ if ((int)pkh.len - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0)
{
// Ignore the packet trying to crash us.
continue;
@@ -1574,7 +1574,7 @@
st_cur->wpa.eapol_size = ( h80211[z + 2] << 8 )
+ h80211[z + 3] + 4;
- if ((int)pkh.len - z < st_cur->wpa.eapol_size )
+ if ((int)pkh.len - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0)
{
// Ignore the packet trying to crash us.
continue;
--- aircrack-ng-1.0.org/src/airdecap-ng.c 2010-05-29 18:05:44.012317617 +0530
+++ aircrack-ng-1.0/src/airdecap-ng.c 2010-05-29 18:21:32.406313089 +0530
@@ -934,7 +934,7 @@
st_cur->eapol_size = ( h80211[z + 2] << 8 )
+ h80211[z + 3] + 4;
- if ((int)pkh.len - z < st_cur->eapol_size )
+ if ((int)pkh.len - z < st_cur->eapol_size || st_cur->eapol_size == 0)
{
// Ignore the packet trying to crash us.
continue;
@@ -968,7 +968,7 @@
st_cur->eapol_size = ( h80211[z + 2] << 8 )
+ h80211[z + 3] + 4;
- if ((int)pkh.len - z < st_cur->eapol_size )
+ if ((int)pkh.len - z < st_cur->eapol_size || st_cur->eapol_size == 0)
{
// Ignore the packet trying to crash us.
continue;
--- aircrack-ng-1.0.org/src/airodump-ng.c 2010-05-29 18:05:44.026315838 +0530
+++ aircrack-ng-1.0/src/airodump-ng.c 2010-05-29 18:21:55.553340377 +0530
@@ -1878,13 +1878,13 @@
st_cur->wpa.eapol_size = ( h80211[z + 2] << 8 )
+ h80211[z + 3] + 4;
- if ((int)pkh.len - z < st_cur->wpa.eapol_size )
+ if ((int)pkh.len - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0)
{
// Ignore the packet trying to crash us.
goto write_packet;
}
- if ((int)pkh.len - z < st_cur->wpa.eapol_size )
+ if ((int)pkh.len - z < st_cur->wpa.eapol_size || st_cur->wpa.eapol_size == 0)
{
// Ignore the packet trying to crash us.
goto write_packet;
--- NEW FILE import.log ---
aircrack-ng-1_0-3_fc14:HEAD:aircrack-ng-1.0-3.fc14.src.rpm:1275138035
Index: aircrack-ng.spec
===================================================================
RCS file: /cvs/pkgs/rpms/aircrack-ng/devel/aircrack-ng.spec,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -p -r1.33 -r1.34
--- aircrack-ng.spec 31 Mar 2010 13:45:36 -0000 1.33
+++ aircrack-ng.spec 29 May 2010 12:42:07 -0000 1.34
@@ -4,7 +4,7 @@ Name: aircrack-ng
Version: 1.0
#Release: 0.10.%{alphatag}%{?dist}
#Release: 0.7.%{alphatag}svn%{?dist}
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker
Group: Applications/System
@@ -29,6 +29,8 @@ Patch1: aircrack-ng-1.0-oui-path
Patch2: aircrack-ng-1.0-define.patch
# 2010-03-28: retrieved from upstream, changeset 1676
Patch3: aircrack-ng-1676-buffer-overflow.patch
+# 2010-04-08: retrieved from upstream, changeset 1683
+Patch4: aircrack-ng-1683-CVE-2010-1159.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: sqlite-devel openssl-devel
@@ -48,6 +50,7 @@ capture files), and some tools to handle
%patch1 -p1 -b .oui-path
%patch2 -p1 -b .define
%patch3 -p0 -b .1676-buffer-overflow
+%patch4 -p1 -b .1683-CVE-2010-1159
%build
@@ -131,6 +134,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Sat May 29 2010 Rakesh Pandit <rakesh at fedoraproject.org> - 1.0-3
+- CVE-2010-1159 aircrack-ng: remote denial of service, RH Bug #582416
+
* Sun Mar 28 2010 Till Maas <opensource at till.name> - 1.0-2
- Include patch against eapol overflow from upstream, RH Bug #577654
--- aircrack-ng-tarball DELETED ---
- Previous message: rpms/clamav/devel clamav-0.96-pdf.patch, NONE, 1.1 import.log, NONE, 1.1 clamav.spec, 1.104, 1.105 ChangeLog-rpm.old, 1.1, NONE lastver, 1.11, NONE verinfo, 1.3, NONE
- Next message: rpms/kernel/devel iwlwifi-fix-internal-scan-race.patch, NONE, 1.1.2.2 iwlwifi-fix-scan-races.patch, NONE, 1.1.2.1 iwlwifi-recalculate-average-tpt-if-not-current.patch, NONE, 1.1.2.2 iwlwifi-recover_from_tx_stall.patch, NONE, 1.1.2.2 keys-find-keyring-by-name-can-gain-access-to-the-freed-keyring.patch, NONE, 1.1.2.1 patch-2.6.32.14.bz2.sign, NONE, 1.1.2.1 .cvsignore, 1.1014.2.44, 1.1014.2.45 kernel.spec, 1.1294.2.104, 1.1294.2.105 linux-2.6-utrace.patch, 1.107.6.9, 1.107.6.10 sources, 1.976.2.45, 1.976.2.46 upstream, 1.888.2.44, 1.888.2.45 xen.pvops.patch, 1.1.2.67, 1.1.2.68 btrfs-check-for-read-permission-on-src-file-in-clone-ioctl.patch, 1.1.2.1, NONE iwlwifi_-clear-all-the-stop_queue-flag-after-load-firmware.patch, 1.1.2.1, NONE patch-2.6.32.13.bz2.sign, 1.1.2.1, NONE revert-ath9k_-fix-lockdep-warning-when-unloading-module.patch, 1.1.2.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list