Date: Tue, 22 May 2012 21:48:42 -0400 From: Behdad Esfahbod <behdad@...dad.org> To: oss-security@...ts.openwall.com CC: Jan Lieskovsky <jlieskov@...hat.com>, "Steven M. Christey" <coley@...us.mitre.org>, Christian Persch <chpe@...me.org> Subject: Re: CVE Request -- mosh (and probably vte too): mosh server DoS (long loop) due improper parsing of terminal parameters in terminal dispatcher [+chpe] On 05/22/2012 09:53 AM, Jan Lieskovsky wrote: > B) vte issue: > ============= > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673871#5 > > there is similar issue in vte too (Gnome bug private for now): > https://bugzilla.gnome.org/show_bug.cgi?id=676090 > > Cc-ed Behdad Esfahbod on this post to clarify, what are the upstream plans > regarding this report in vte and if the CVE id has been already assigned for > it. Christian Persch, CC'ed, has already produced two patches to address these issues: * Limit all parsed integers in escape sequences to 65535. This is in line with the mosh change, * In the specific sequences mentioned in the original report, limit to screen metrics (columns, rows, etc) the same way that xterm does this. The patches have not been committed yet from what I can see. If there's a coordinated embargo release date being set for this, we can respect that I believe. behdad
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.