From: Dave Brolley
To: Tony Jones
CC: SystemTAP
Subject: Re: CVE-2009-4273 for stap 1.0?
Date: Thu, 28 Jan 2010 16:47:00 -0000
Message-ID: <4B61BFA7.5020809@redhat.com>
In-Reply-To: <20100128051807.GA25969@suse.de>

Tony Jones wrote:
> Hi Dave.
>
> I just got assigned this CVE from our security team.
>
> I see you committed e1b36074 to rhel54 branch today (obviously that's based on
> 0.9.7). We're at beta4 for SLES11SP1 based off 1.0, I was curious if you had
> a backport in the works for rhel55 which seems to be also v1.0?
>
> This would help me out by not having to roll it myself, especially since it's
> apparently now public.

Hi Tony,

RHEL55 will soon rebase to systemtap 1.1 which contains the fix, so there are
currently no plans to backport the fix to 1.0. If you need to backport to 1.0,
I would be happy to help with any problems you may encounter. To help get you
started, I've attached a list of the changes needed to complete the fix.

Please use the public mailing list (systemtap@sources.redhat.com) for any
further questions.

Thanks,
Dave

Attachment: CVE-2009-4273.changes.txt

commit b75067caf1bb416af21473e40c917d953531e9f9
Author: Dave Brolley
Date:   Mon Jan 18 11:56:13 2010 -0500

    Correct client-side quoting issues discovered by fche during the
    server-side reimplementation. Also add the test cases to the test suite.

commit 27ca40f711f4ab4b0234390443e63b7916a61551
Author: Frank Ch. Eigler
Date:   Fri Jan 15 16:25:16 2010 -0500

    PR11105: forget about packaging stap-server-request

commit 2a1c9b5db533fe7d2d2d4bac572195c490de62fb
Author: Frank Ch. Eigler
Date:   Fri Jan 15 12:34:39 2010 -0500

    PR11105: support default unset --prefix

    * configure.ac (STAP_PREFIX): Map NONE -> /usr/local.

commit 3f78f0208e1bfe8061d1898418882b5e2756f8a2
Author: Dave Brolley
Date:   Fri Jan 15 10:52:11 2010 -0500

    Package command line arguments in separate files.

commit 86f99ad8206574dc6400d48563db58341cb50f52
Author: Frank Ch. Eigler
Date:   Fri Jan 15 03:27:34 2010 -0500

    PR11105: remove extraneous \n from localized foo.stp script file name

commit 36d1c134edc4bd4ee20225003041188c13b7f36f
Author: Frank Ch. Eigler
Date:   Fri Jan 15 03:12:53 2010 -0500

    testsuite: fix wording of invalid-entry test group

commit b703674d8fe87b0294f2df739e35545ab124a96e
Author: Frank Ch. Eigler
Date:   Fri Jan 15 03:11:18 2010 -0500

    PR11105: Remove stap-server-request shell script.

    * Makefile.am: Don't install it any more.

commit cf4a6df840531c1b30f8cfa7d10981d071911b98
Author: Frank Ch. Eigler
Date:   Fri Jan 15 03:06:52 2010 -0500

    PR11105: robustify stap-server

    * main.cxx (main): Always downgrade client-provided -p5 to -p4.
    * stap-client (unpack_response): Sanitize stdout due to same.
    * stap-server-connect.c: Eliminate a bunch of globals.
    (handle_connection): Make things locals instead. Base tmp files on $TMPDIR.
    (spawn_and_wait): New helper function.
    (handleRequest): New monster function to inline rest of old
    stap-server-request.

commit e4d80588594a7495a3efedbd3a4281df13ff253b
Author: Dave Brolley
Date:   Fri Jan 15 00:47:32 2010 -0500

    PR11105: stap-client wire protocol change

commit 622fa74aa720b3eda55c81530d458e3ea7792bb2
Author: Dave Brolley
Date:   Thu Jan 14 15:44:09 2010 -0500

    Allow / as a random argument character when fuzzing.

commit f73d5cad4e9aa5baa0a763a76cf4516721d29b2a
Author: Dave Brolley
Date:   Wed Jan 13 15:07:52 2010 -0500

    Test newline characters as part of fuzzing argument strings.

commit f2aadddae0d01fa5a676404e49c6c36825b40512
Author: Dave Brolley
Date:   Mon Jan 11 22:14:36 2010 -0500

    Add some additional test cases.

commit 5f03ebf5b2acccb652c9135627184479bc8d7d47
Author: Dave Brolley
Date:   Mon Jan 11 20:19:54 2010 -0500

    Invalid cases can be tested for 'make check'.

commit a0ace4915e5d963c28fa3b54f87afef34b82b6a5
Author: Dave Brolley
Date:   Mon Jan 11 20:13:40 2010 -0500

    Rework filtering of client options. Add testsuite.

commit 3c07041760dccbb3151ef21602b8bc5da4b32197
Author: Dave Brolley
Date:   Mon Jan 11 14:34:27 2010 -0500

    Filter options for unprivileged use after --stap-client is seen.

commit ed03894041aedf79811d5ad5c41caedbf90052cd
Author: Dave Brolley
Date:   Fri Jan 8 16:25:59 2010 -0500

    New test suite for client/server argument handling.

commit 12091330be193cd0836d48c525bab015fcec2c75
Author: Dave Brolley
Date:   Thu Jan 7 17:10:30 2010 -0500

    Take care when echoing something that could start with a -.

commit a0626e2e2ea13b6fc974157fb71fe6d48f4c7ec0
Author: Dave Brolley
Date:   Thu Jan 7 13:58:11 2010 -0500

    Client argument handling: Pass partial options to the server instead of
    complaining about them in the client. Update known failures from buildok
    in server.exp.
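The following shell script is an added illustration, not code from systemtap or from the commits listed above. It reproduces, with constructed "client" argument values, two hazards the commit list names for a server-side shell script: echoing a value that may start with "-" (commit 12091330, "Take care when echoing something that could start with a -") and re-parsing client-supplied text as shell, the class of quoting problem the fuzzing commits exercise with newline and "/" characters. The function names and the argument strings are this example's own; nothing here describes how stap-server actually handled its arguments.

```shell
#!/bin/sh
# Added illustration, not systemtap code. Argument values are constructed.

# Unsafe: if the value begins with -n (in bash also -e or -E), echo consumes it
# as one of its own options. A client-chosen argument then changes what is
# printed instead of being printed, which matters when the output is logged or
# handed to another program as data.
unsafe_echo() {
    echo "$1"
}

# Safe: printf treats every operand after the format string as data, so a
# leading dash and an embedded newline are reproduced exactly.
safe_echo() {
    printf '%s\n' "$1"
}

# Unsafe: splicing client data into a command string and re-parsing it with
# eval lets separators such as ";" or a newline inside the value become extra
# commands that run with the server's privileges.
run_unsafe() {
    eval "printf '%s\\n' $1"
}

# Safe: keep each argument a separate word and pass them through with "$@".
# Nothing is re-parsed, so 'x;echo y' stays a single argument.
run_safe() {
    printf '%s\n' "$@"
}

# Any "one argument per line" representation breaks when an argument itself
# contains a newline, which is why fuzzing argument strings with newlines is
# worthwhile. Returns 0 when the line count equals the argument count, 1 when
# some argument smuggled in a newline.
args_fit_one_per_line() {
    n=$(printf '%s\n' "$@" | wc -l | tr -d ' ')
    [ "$n" -eq "$#" ]
}

demo() {
    safe_echo '-n'                  # prints -n, unlike echo
    run_safe '-p5' 'x;echo y'       # two lines, no second command runs
    if args_fit_one_per_line 'a
b'; then
        echo 'arguments fit one per line'
    else
        echo 'embedded newline detected'
    fi
}

demo
```

Run it with any POSIX sh; compare `unsafe_echo -n` (prints nothing in bash and dash) against `safe_echo -n`, and `run_unsafe 'x;echo y'` (runs the second command) against `run_safe 'x;echo y'`.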