
List:       oss-security
Subject:    [oss-security] Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due impro
From:       Behdad Esfahbod <behdad () behdad ! org>
Date:       2012-05-23 1:48:42
Message-ID: 4FBC41FA.7020208 () behdad ! org

[+chpe]

On 05/22/2012 09:53 AM, Jan Lieskovsky wrote:

> B) vte issue:
> =============
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673871#5
> 
> there is a similar issue in vte too (Gnome bug private for now):
> https://bugzilla.gnome.org/show_bug.cgi?id=676090
> 
> Cc-ed Behdad Esfahbod on this post to clarify, what are the upstream plans
> regarding this report in vte and if the CVE id has been already assigned for
> it.

Christian Persch, CC'ed, has already produced two patches to address these issues:

  * Limit all parsed integers in escape sequences to 65535.  This is in line
with the mosh change.

  * In the specific sequences mentioned in the original report, limit to
screen metrics (columns, rows, etc) the same way that xterm does this.

The patches have not been committed yet from what I can see.  If there's a
coordinated embargo release date being set for this, we can respect that, I
believe.

behdad
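
Added example, not part of the original message and not the vte or mosh patch: a C sketch of the two bounds described above, saturating every parsed escape-sequence integer at 65535 and then clamping a count to a screen dimension. The names `parse_params` and `clamp_to_screen`, the input string and the 80-column limit are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PARAM_MAX 65535u /* cap stated in the message */

/* Parse the digit/';' parameter bytes of an escape sequence. Each value
 * saturates at PARAM_MAX, so a long digit run can neither overflow the
 * accumulator nor yield a huge count. Returns how many values were stored. */
size_t parse_params(const char *s, size_t len, uint32_t out[], size_t max_out)
{
    size_t n = 0;
    uint32_t v = 0;
    int pending = 0; /* a value is waiting to be stored */
    for (size_t i = 0; i < len; i++) {
        char c = s[i];
        if (c >= '0' && c <= '9') {
            v = v * 10 + (uint32_t)(c - '0'); /* v <= 65535 before this, no overflow */
            if (v > PARAM_MAX)
                v = PARAM_MAX;
            pending = 1;
        } else if (c == ';') {
            if (n < max_out)
                out[n++] = v;
            v = 0;
            pending = 1; /* an empty field after ';' is stored as 0 */
        } else {
            break; /* final byte or unexpected input: stop parsing */
        }
    }
    if (pending && n < max_out)
        out[n++] = v;
    return n;
}

/* Second bound: clamp a count to the relevant screen dimension. */
uint32_t clamp_to_screen(uint32_t count, uint32_t limit)
{
    return count > limit ? limit : count;
}

int main(void)
{
    const char *in = "99999999999999999999;5"; /* constructed input */
    uint32_t p[4];
    size_t n = parse_params(in, strlen(in), p, 4);
    printf("%zu params: %u %u, clamped to 80 columns: %u\n", n, (unsigned)p[0],
           (unsigned)p[1], (unsigned)clamp_to_screen(p[0], 80));
    return 0;
}
```

The first bound caps the work any single parameter can request; the second ties it to what the screen can actually display, so a loop driven by the value runs at most one screen dimension's worth of iterations.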