===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2013.0297
                          Vulnerabilities in grep
                              28 February 2013

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           grep
Publisher:         NetBSD
Operating System:  NetBSD
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2012-5667

Original Bulletin:
   http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2013-004.txt.asc

Comment: This advisory references vulnerabilities in products which run on
         platforms other than NetBSD. It is recommended that administrators
         running grep check for an updated version of the software for their
         operating system.

---------------------------BEGIN INCLUDED TEXT--------------------

                 NetBSD Security Advisory 2013-004
                 =================================

Topic:          Vulnerabilities in grep

Version:        NetBSD-current: affected prior to Jan 5th, 2013
                NetBSD 6.0.*:   affected
                NetBSD 6.0:     affected
                NetBSD 5.2.*:   affected
                NetBSD 5.1.*:   affected
                NetBSD 5.0.*:   affected
                pkgsrc:         textproc/grep prior to 2.13

Severity:       Arbitrary Code Execution

Fixed:          NetBSD-current:         Jan 5th, 2013
                NetBSD-6-0 branch:      Jan 13th, 2013
                NetBSD-6 branch:        Jan 13th, 2013
                NetBSD-5-2 branch:      Jan 13th, 2013
                NetBSD-5-1 branch:      Jan 13th, 2013
                NetBSD-5-0 branch:      Jan 13th, 2013
                NetBSD-5 branch:        Jan 13th, 2013
                pkgsrc textproc/grep:   grep-2.13 corrects this issue

Please note that NetBSD releases prior to 5.0 are no longer supported.
It is recommended that all users upgrade to a supported release.
Abstract
========

Multiple integer overflows in GNU Grep before 2.11 might allow
context-dependent attackers to execute arbitrary code via vectors
involving a long input line that triggers a heap-based buffer overflow.

This vulnerability has been assigned CVE-2012-5667.


Technical Details
=================

See http://openwall.com/lists/oss-security/2012/12/22/6

The PCRE aspect of the vulnerability does not apply to NetBSD.


Solutions and Workarounds
=========================

Workaround:

Don't run grep against files of dubious provenance with lines of 2 GB
or longer.

Fix:

Replace grep with a fixed version. The fastest method to do that is to
obtain a base.tgz matching your system from
http://nyftp.netbsd.org/pub/NetBSD-daily/ dated 20130114 or later, and
to extract ./usr/bin/egrep, ./usr/bin/fgrep and ./usr/bin/grep as well
as ./rescue/egrep, ./rescue/fgrep and ./rescue/grep from it.

The following instructions describe how to upgrade your grep binaries
by updating your source tree and rebuilding and installing a new
version of grep.
The following files contain the fix:

gnu/dist/grep/lib/getopt.c
gnu/dist/grep/lib/regex.c
gnu/dist/grep/src/ansi2knr.c
                HEAD            1.2
                netbsd-6        1.1.1.1.56.1
                netbsd-6-0      1.1.1.1.62.1
                netbsd-5        1.1.1.1.38.1
                netbsd-5-2      1.1.1.1.64.1
                netbsd-5-1      1.1.1.1.46.1
                netbsd-5-0      1.1.1.1.42.1
gnu/dist/grep/src/dfa.c
                HEAD            1.3
                netbsd-6        1.2.56.1
                netbsd-6-0      1.2.62.1
                netbsd-5        1.2.38.1
                netbsd-5-2      1.2.64.1
                netbsd-5-1      1.2.46.1
                netbsd-5-0      1.2.42.1
gnu/dist/grep/src/grep.c
                HEAD            1.14
                netbsd-6        1.13.8.1
                netbsd-6-0      1.13.14.1
                netbsd-5        1.12.4.1
                netbsd-5-2      1.12.2.1
                netbsd-5-1      1.12.12.1
                netbsd-5-0      1.12.8.1
gnu/dist/grep/src/search.c
                HEAD            1.4
                netbsd-6        1.3.20.1
                netbsd-6-0      1.3.26.1
                netbsd-5        1.3.4.1
                netbsd-5-2      1.3.28.1
                netbsd-5-1      1.3.12.1
                netbsd-5-0      1.3.8.1

To update from CVS, re-build, and re-install grep:

        # cd src
        # cvs update -d -P gnu/dist/grep
        # cd gnu/usr.bin/grep
        # make USETOOLS=no cleandir dependall
        # make USETOOLS=no install
        # cd ../../../usr.bin/ldd
        # make USETOOLS=no cleandir dependall
        # cd ../../rescue
        # make USETOOLS=no cleandir dependall
        # make USETOOLS=no install


Thanks To
=========

Joshua Rogers for identifying the problem in GNU grep.
Ignatios Souvatzis and Alan Barrett for collaborating on a GPLv2 fix.


Revision History
================

2013-02-26      Initial release


More Information
================

Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP signed) can be found at
http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2013-004.txt.asc

Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.org/ and http://www.NetBSD.org/Security/ .


Copyright 2013, The NetBSD Foundation, Inc.  All Rights Reserved.
Redistribution permitted only in full, unmodified form.
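The advisory gives two actionable facts: GNU grep older than 2.11 (pkgsrc textproc/grep older than 2.13) is affected, and the workaround is to keep untrusted files with lines of 2 GB or longer away from grep. The following POSIX sh helper is an added example, not part of the NetBSD or AusCERT text; it turns both facts into checks an administrator can run during triage, with the line-length threshold made a parameter so the screen can be exercised on small constructed files.

```shell
#!/bin/sh
# Added example for NetBSD-SA2013-004 / CVE-2012-5667; not part of the
# advisory. Two defender-side checks derived from the text above:
#   1. is_vulnerable_grep_version: is a "grep --version" banner older than
#      GNU grep 2.11 (the first release without the integer overflows)?
#   2. screened_grep: apply the advisory's workaround by measuring the
#      longest line of a file before handing the file to grep.

# Print only the leading digits of $1 ("11-nb1" -> "11", "5.1" -> "5").
digits() { printf '%s\n' "$1" | sed 's/^[^0-9]*//; s/[^0-9].*//'; }

# True when dotted version $1 is older than $2, comparing major.minor only.
version_lt() {
    a_major=$(digits "${1%%.*}"); a_minor=$(digits "${1#*.}")
    b_major=$(digits "${2%%.*}"); b_minor=$(digits "${2#*.}")
    [ "${a_major:-0}" -lt "${b_major:-0}" ] && return 0
    [ "${a_major:-0}" -eq "${b_major:-0}" ] &&
        [ "${a_minor:-0}" -lt "${b_minor:-0}" ]
}

# $1: first line of "grep --version", e.g. "grep (GNU grep) 2.10".
# True only for GNU grep older than 2.11; other grep implementations are
# outside the scope of this CVE and are reported as not affected.
is_vulnerable_grep_version() {
    case "$1" in
        *"GNU grep"*) ;;
        *) return 1 ;;
    esac
    version_lt "${1##* }" 2.11
}

# $1: file. Print the length in characters of its longest line.
longest_line() {
    awk 'length($0) > m { m = length($0) } END { print m + 0 }' "$1"
}

# $1: file, $2: pattern, $3: longest accepted line (default 2 GB, the
# figure the advisory gives). Refuse to grep a file that exceeds it.
screened_grep() {
    limit=${3:-2147483648}
    if [ "$(longest_line "$1")" -gt "$limit" ]; then
        echo "refusing to grep $1: a line exceeds $limit characters" >&2
        return 2
    fi
    grep -e "$2" "$1"
}
```

Feed `is_vulnerable_grep_version` the first line of `grep --version` from each host; a non-zero result from `screened_grep` (exit status 2) means the file was rejected before grep ever saw it.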
$NetBSD: NetBSD-SA2013-004.txt,v 1.1 2013/02/26 19:45:50 tonnerre Exp $

---------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to follow or act on information
or advice contained in this security bulletin is the responsibility of
each user or organisation, and should be considered in accordance with
your organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still
current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================