Bug 48466 - UDN: Potential write stall in network_client_all_write()
UDN: Potential write stall in network_client_all_write()
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Notifier (univention-directory-notifier)
UCS 4.4
Other Linux
: P5 normal (vote)
: UCS 4.4-0-errata
Assigned To: Philipp Hahn
Arvid Requate
:
Depends on: 49198
Blocks: 41687 49211
  Show dependency treegraph
 
Reported: 2019-01-14 16:08 CET by Philipp Hahn
Modified: 2021-10-13 10:42 CEST (History)
3 users (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2016053021000286
Bug group (optional): Cleanup
Max CVSS v3 score: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) PMH


Attachments
univention-directory-notifier.yaml (308 bytes, text/plain)
2019-03-29 18:04 CET, Philipp Hahn
Details

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Philipp Hahn univentionstaff 2019-01-14 16:33:15 CET
CWE-400: Uncontrolled Resource Consumption <https://cwe.mitre.org/data/definitions/400.html>
Comment 2 Philipp Hahn univentionstaff 2019-03-18 17:47:07 CET
[4.4-0] 197d74a2cc Bug #48466 udn: Use non-blocking network socket
 .../univention-directory-notifier/debian/changelog |  6 ++++
 .../univention-directory-notifier/src/callback.c   | 33 +++++++++++++---------
 .../univention-directory-notifier/src/network.c    | 30 ++++++++++++++++----
 3 files changed, 49 insertions(+), 20 deletions(-)
Comment 3 Philipp Hahn univentionstaff 2019-03-19 07:12:22 CET
Package: univention-directory-notifier
Version: 13.0.1-8A~4.4.0.201903181747
Branch: ucs_4.4-0-errata4.4-0
Scope: errata4.4-0

[4.4-0] c6a1c86518 Bug #48466: univention-directory-notifier 13.0.1-8A~4.4.0.201903181747
 doc/errata/staging/univention-directory-notifier.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

CVE-TMP48466
Comment 4 Philipp Hahn univentionstaff 2019-03-29 18:01:25 CET
Patch was reverted temporarily to fast-track Bug #49198; needs to be re-applied and re-build after that bug is released.
Comment 5 Philipp Hahn univentionstaff 2019-03-29 18:04:48 CET
Created attachment 9947 [details]
univention-directory-notifier.yaml

Temporary staged
Comment 6 Philipp Hahn univentionstaff 2019-04-01 11:21:12 CEST
[4.4-0] e0a568dda2 Bug #48466 udn: Version bump after Bug #49198
 management/univention-directory-notifier/debian/changelog | 6 ++++++
 1 file changed, 6 insertions(+)

Package: univention-directory-notifier
Version: 13.0.1-10A~4.4.0.201904011034
Branch: ucs_4.4-0
Scope: errata4.4-0

[4.4-0] a8778bbdbf Bug #48466: univention-directory-notifier 13.0.1-10A~4.4.0.201904011034
 doc/errata/staging/univention-directory-notifier.yaml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

QA: Backport needed for UCS-4.3 - please clone after QA
Comment 7 Arvid Requate univentionstaff 2019-04-01 12:17:05 CEST
Verified:
* Code review
* Functional test
* Advisory
Comment 8 Arvid Requate univentionstaff 2019-04-03 11:38:32 CEST
<http://errata.software-univention.de/ucs/4.4/32.html>