• Bug#1066119: fastdds: CVE-2023-50716

    From Salvatore Bonaccorso@21:1/5 to All on Tue Mar 12 22:20:01 2024
    Source: fastdds
    Version: 2.11.2+ds-6.1
    Severity: grave
    Tags: security upstream
    X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
    Control: found -1 2.11.2+ds-6

    Hi,

    The following vulnerability was published for fastdds.

    CVE-2023-50716[0]:
    | eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of
    | the Data Distribution Service standard of the Object Management
    | Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7,
    | an invalid DATA_FRAG Submessage causes a bad-free error, and the
    | Fast-DDS process can be remotely terminated. If an invalid Data_Frag
    | packet is sent, the `Inline_qos, SerializedPayload` member of object
    | `ch` will attempt to release memory without initialization,
    | resulting in a 'bad-free' error. Versions 2.13.0, 2.12.2, 2.11.3,
    | 2.10.2, and 2.6.7 fix this issue.


    If you fix the vulnerability please also make sure to include the
    CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

    For further information see:

    [0] https://security-tracker.debian.org/tracker/CVE-2023-50716
    https://www.cve.org/CVERecord?id=CVE-2023-50716
    [1] https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2h

    Please adjust the affected versions in the BTS as needed.

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
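The uninitialized-member bad-free described in the CVE text above, as an added illustration that is not Fast DDS code: the hypothetical `CacheChangeUnsafe`/`CacheChangeSafe` types and the simplified `process_data_frag` stand in for the real DATA_FRAG handling, showing the defensive pattern of initializing ownership members before any reject path can run and validating declared lengths before allocating.

```cpp
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <memory>
#include <utility>
#include <vector>

// Hypothetical, reduced model of a DATA_FRAG submessage (not the real RTPS
// layout): the length the header declares plus the bytes actually received.
struct DataFragSubmessage {
    uint32_t declared_length;
    std::vector<uint8_t> bytes;
};

// The pattern the CVE describes: raw-pointer members left uninitialized, so a
// change abandoned on the reject path frees stack garbage (shown only, never built).
struct CacheChangeUnsafe {
    uint8_t* inline_qos;
    uint8_t* serialized_payload;
    ~CacheChangeUnsafe() { std::free(inline_qos); std::free(serialized_payload); }
};

// Hardened form: members value-initialized and owned by unique_ptr, so an
// abandoned change releases nothing but nullptr.
struct CacheChangeSafe {
    std::unique_ptr<uint8_t[]> inline_qos;
    std::unique_ptr<uint8_t[]> serialized_payload;
    uint32_t payload_length = 0;
};

// Validate before allocating: the declared length must be non-zero and match
// the bytes carried. Only a consistent fragment is copied into `out`.
bool process_data_frag(const DataFragSubmessage& sub, CacheChangeSafe& out) {
    CacheChangeSafe ch;  // every member starts as nullptr / 0
    if (sub.declared_length == 0 || sub.declared_length != sub.bytes.size()) {
        return false;    // `ch` is destroyed here without touching heap memory
    }
    ch.serialized_payload = std::make_unique<uint8_t[]>(sub.declared_length);
    std::memcpy(ch.serialized_payload.get(), sub.bytes.data(), sub.declared_length);
    ch.payload_length = sub.declared_length;
    out = std::move(ch);
    return true;
}

// Feeds a constructed submessage through the parser and reports how many
// payload bytes were stored (0 when the fragment was rejected).
uint32_t stored_payload_length(uint32_t declared, std::vector<uint8_t> bytes) {
    CacheChangeSafe ch;
    return process_data_frag({declared, std::move(bytes)}, ch) ? ch.payload_length : 0;
}
```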
  • From Debian Bug Tracking System@21:1/5 to All on Tue Mar 12 22:20:01 2024
    Processing control commands:

    found -1 2.11.2+ds-6
    Bug #1066119 [src:fastdds] fastdds: CVE-2023-50716
    Marked as found in versions fastdds/2.11.2+ds-6.

    --
    1066119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066119
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems

  • From Debian Bug Tracking System@21:1/5 to All on Wed Apr 17 20:20:02 2024

    Your message dated Wed, 17 Apr 2024 18:10:11 +0000
    with message-id <E1rx9jX-00FOVC-FW@fasolo.debian.org>
    and subject line Bug#1066119: fixed in fastdds 2.14.0+ds-1
    has caused the Debian Bug report #1066119,
    regarding fastdds: CVE-2023-50716
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system
    misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    1066119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066119
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems
