Activity log for bug #1093846
| Date | Who | What changed | Old value | New value | Message |
|---|---|---|---|---|---|
| 2012-12-26 17:24:18 | Didier Barvaux | bug | added bug | ||
| 2012-12-26 17:24:18 | Didier Barvaux | attachment added | ROHC stream that may crash the decompressor https://bugs.launchpad.net/bugs/1093846/+attachment/3468277/+files/ir_with_list_encoding_type_1.pcap | ||
| 2012-12-26 17:25:20 | Didier Barvaux | description | The ROHC decompressor does not check correctly the length of the ROHC packet before parsing the item part of the extension header list. If the item is malformed, the ROHC decompressor may read too many bytes and parses data that was not part of the ROHC packet. Depending on those bytes, it might fail softly or crash. Solution: always check the ROHC packet length before reading items of extension header lists. Please find attached one IR packet with a malformed extension list of type 0. | The ROHC decompressor does not check correctly the length of the ROHC packet before parsing the item part of the extension header list. If the item is malformed, the ROHC decompressor may read too many bytes and parses data that was not part of the ROHC packet. Depending on those bytes, it might fail softly or crash. It might have security implications if someone is able to send malformed ROHC packets to a ROHC decompressor. Solution: always check the ROHC packet length before reading items of extension header lists. Please find attached one IR packet with a malformed extension list of type 0. | |
| 2012-12-26 17:25:33 | Didier Barvaux | nominated for series | rohc/1.3.x | ||
| 2012-12-26 17:25:33 | Didier Barvaux | bug task added | rohc/1.3.x | ||
| 2012-12-26 17:25:33 | Didier Barvaux | nominated for series | rohc/1.4.x | ||
| 2012-12-26 17:25:33 | Didier Barvaux | bug task added | rohc/1.4.x | ||
| 2012-12-26 17:25:33 | Didier Barvaux | nominated for series | rohc/1.5.x | ||
| 2012-12-26 17:25:33 | Didier Barvaux | bug task added | rohc/1.5.x | ||
| 2012-12-26 17:25:33 | Didier Barvaux | nominated for series | rohc/trunk | ||
| 2012-12-26 17:25:33 | Didier Barvaux | bug task added | rohc/trunk | ||
| 2012-12-26 17:25:40 | Didier Barvaux | rohc/trunk: milestone | 1.6.0 | ||
| 2012-12-26 17:25:43 | Didier Barvaux | rohc/1.5.x: milestone | 1.5.2 | ||
| 2012-12-26 17:25:51 | Didier Barvaux | rohc/1.4.x: milestone | 1.4.3 | ||
| 2012-12-26 17:25:55 | Didier Barvaux | rohc/1.3.x: milestone | 1.3.5 | ||
| 2012-12-26 17:26:14 | Didier Barvaux | rohc/trunk: importance | Undecided | Critical | |
| 2012-12-26 17:26:14 | Didier Barvaux | rohc/trunk: status | New | Confirmed | |
| 2012-12-26 17:28:17 | Didier Barvaux | rohc/trunk: status | Confirmed | Fix Committed | |
| 2013-05-19 15:29:15 | Didier Barvaux | rohc/1.5.x: importance | Undecided | Critical | |
| 2013-05-19 15:29:17 | Didier Barvaux | rohc/1.4.x: importance | Undecided | Critical | |
| 2013-05-19 15:29:19 | Didier Barvaux | rohc/1.3.x: importance | Undecided | Critical | |
| 2013-05-19 15:29:29 | Didier Barvaux | rohc/1.5.x: status | New | Confirmed | |
| 2013-05-19 15:45:32 | Didier Barvaux | rohc/1.5.x: status | Confirmed | Fix Committed | |
| 2013-05-19 15:45:32 | Didier Barvaux | rohc/1.5.x: assignee | Didier Barvaux (didier-barvaux) | ||
| 2013-05-19 15:53:28 | Didier Barvaux | rohc/1.4.x: status | New | Fix Committed | |
| 2013-05-19 15:53:28 | Didier Barvaux | rohc/1.4.x: assignee | Didier Barvaux (didier-barvaux) | ||
| 2013-05-19 15:55:01 | Didier Barvaux | rohc/1.3.x: status | New | Confirmed | |
| 2013-05-19 15:59:22 | Didier Barvaux | rohc/1.3.x: status | Confirmed | Won't Fix | |
| 2013-05-20 17:15:02 | Didier Barvaux | rohc/1.4.x: status | Fix Committed | Fix Released | |
| 2013-05-20 17:15:04 | Didier Barvaux | rohc/1.5.x: status | Fix Committed | Fix Released | |
| 2013-06-09 12:05:51 | Didier Barvaux | rohc/trunk: status | Fix Committed | Fix Released |
