Bug 253515

Summary: sysutils/screen: CVE-2021-26937
Product: Ports & Packages Reporter: Daniel Engberg <diizzy>
Component: Individual Port(s)Assignee: Cy Schubert <cy>
Status: Closed FIXED    
Severity: Affects Many People CC: chris
Priority: --- Flags: bugzilla: maintainer-feedback? (cy)
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
Patch none

Description Daniel Engberg freebsd_committer freebsd_triage 2021-02-14 18:14:26 UTC
Not a users but it's still a popular port
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26937
Comment 1 Cy Schubert freebsd_committer freebsd_triage 2021-02-14 18:59:43 UTC
No upstream patch exists yet. Will need to cobble something up ourselves.
Comment 2 Cy Schubert freebsd_committer freebsd_triage 2021-02-14 19:01:02 UTC
Can you provide the exploit to to me, please. I would like to try to use it to create a patch. Thank you.
Comment 3 Cy Schubert freebsd_committer freebsd_triage 2021-02-14 19:41:53 UTC
Created attachment 222444 [details]
Patch

Found a patch. Need to test it against the exploit. If anyone can point to the exploit script.
Comment 4 Cy Schubert freebsd_committer freebsd_triage 2021-02-14 20:43:52 UTC
The exploit at https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html doesn't work on FreeBSD.
Comment 5 commit-hook freebsd_committer freebsd_triage 2021-02-15 01:36:23 UTC
A commit references this bug:

Author: cy
Date: Mon Feb 15 01:35:36 UTC 2021
New revision: 565281
URL: https://svnweb.freebsd.org/changeset/ports/565281

Log:
  Fix CVE-2021-26937: segfaults by displaying some UTF-8 characters

  CVE-2021-26937 segfaults when displayingsome UTF-8 characters
  described in
  https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html.

  PR:		253515
  Reported by:	daniel.engberg.lists at pyret.net
  Obtained from:	https://build.opensuse.org/request/show/871482
  MFH:		2020Q1
  Security:	CVE-2021-26937

Changes:
  head/sysutils/screen/Makefile
  head/sysutils/screen/files/patch-ansi.c
  head/sysutils/screen/files/patch-encoding.c
Comment 6 commit-hook freebsd_committer freebsd_triage 2021-02-15 19:18:18 UTC
A commit references this bug:

Author: cy
Date: Mon Feb 15 19:17:28 UTC 2021
New revision: 565328
URL: https://svnweb.freebsd.org/changeset/ports/565328

Log:
  Revert r565281. It breaks UTF-8.

  Reported by:	Trond.Endrestol at ximalas.info
  		Christos Chatzaras <chris at cretaforce.gr>
  PR:		253515

Changes:
  head/sysutils/screen/Makefile
  head/sysutils/screen/files/patch-ansi.c
  head/sysutils/screen/files/patch-encoding.c
Comment 7 Cy Schubert freebsd_committer freebsd_triage 2021-02-15 19:54:22 UTC
The OpenSuSE patch breaks screen. The upstream bug is marked private and no commits have been made to the upstream git repo.
Comment 8 commit-hook freebsd_committer freebsd_triage 2021-02-16 00:45:16 UTC
A commit references this bug:

Author: cy
Date: Tue Feb 16 00:45:10 UTC 2021
New revision: 565376
URL: https://svnweb.freebsd.org/changeset/ports/565376

Log:
  Fix CVE-2021-26937 for real: segfaults by displaying some UTF-8 characters

  This is a recommit of r565281 fixing a typo in r565281, causing
  a regression.

  CVE-2021-26937 segfaults when displayingsome UTF-8 characters
  described in
  https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html.

  PR:		253515
  Reported by:	daniel.engberg.lists at pyret.net
  Obtained from:	https://build.opensuse.org/request/show/871482
  MFH:		2020Q1
  Security:	CVE-2021-26937

Changes:
  head/sysutils/screen/Makefile
  head/sysutils/screen/files/patch-ansi.c
  head/sysutils/screen/files/patch-encoding.c
Comment 9 Cy Schubert freebsd_committer freebsd_triage 2021-03-27 03:00:07 UTC
Fixed.