CVE-2018-1320

Name: CVE-2018-1320
Description: Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass the SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. The check that the SASL handshake had successfully completed was implemented as a Java assert statement; since the JVM disables assertions by default (they run only when started with -ea), the validation was absent in typical production settings, so a transport could be treated as open before the handshake had finished.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues)
References: DLA-1662-1
Debian Bugs: 918736
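The pattern the description refers to, as an added illustration that is not Thrift's own code: a transport whose handshake-completion check is a bare `assert` (the vulnerable shape), next to the same check written as an explicit test that throws. The `Negotiator` interface, the `TransportException` class and the `openWithAssert`/`openWithCheck` method names are stand-ins chosen for this example; the real class is `TSaslTransport` and the real exception is `TTransportException`, and the shape of the fix is assumed here from the description (see the commit in Notes for the actual change). Running the file with and without `-ea` shows why an assert is not a security check.

```java
// Added example, not code from Apache Thrift. Single-file launch (Java 11+):
//   java AssertBypassDemo.java        assertions off (JVM default, the vulnerable case)
//   java -ea AssertBypassDemo.java    assertions on (the only case where the assert fires)
public class AssertBypassDemo {

    /** Hypothetical stand-in for a SASL negotiator; javax.security.sasl's
     *  SaslClient/SaslServer expose an isComplete() with the same meaning. */
    interface Negotiator {
        boolean isComplete();
    }

    /** Hypothetical stand-in for org.apache.thrift.transport.TTransportException. */
    static class TransportException extends Exception {
        TransportException(String msg) { super(msg); }
    }

    /** Vulnerable pattern: completeness is checked with an assert, which only runs
     *  when the JVM was started with -ea. With assertions disabled the method
     *  returns true (transport "open") even for an unfinished handshake. */
    static boolean openWithAssert(Negotiator sasl) {
        // ... handshake message exchange would happen here ...
        assert sasl.isComplete() : "SASL handshake not complete";
        return true;
    }

    /** Hardened pattern: an explicit check that no JVM flag can switch off. */
    static boolean openWithCheck(Negotiator sasl) throws TransportException {
        // ... handshake message exchange would happen here ...
        if (!sasl.isComplete()) {
            throw new TransportException("SASL handshake not complete");
        }
        return true;
    }

    public static void main(String[] args) {
        Negotiator incomplete = () -> false; // constructed input: a handshake that never finished

        boolean assertionsOn = false;
        assert assertionsOn = true; // standard idiom: the assignment only executes under -ea
        System.out.println("assertions enabled: " + assertionsOn);

        try {
            openWithAssert(incomplete);
            System.out.println("assert-based open:   OPENED  (incomplete handshake accepted)");
        } catch (AssertionError e) {
            System.out.println("assert-based open:   rejected (" + e.getMessage() + ")");
        }

        try {
            openWithCheck(incomplete);
            System.out.println("explicit-check open: OPENED");
        } catch (TransportException e) {
            System.out.println("explicit-check open: rejected (" + e.getMessage() + ")");
        }
    }
}
```

Without `-ea` the first call reports the transport as opened although `isComplete()` returned false; with `-ea` it is rejected by an `AssertionError`. The explicit check rejects the incomplete handshake in both runs, which is the property a transport's authentication gate needs. The same audit question applies to any Java code base: grep for `assert` on paths that gate authentication or authorization and replace each one with an explicit check.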

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package         Release                 Version             Status
libthrift-java (PTS)   jessie, jessie (lts)    0.9.1-2+deb8u1      fixed
                       stretch                 0.9.1-2.1~deb9u1    fixed
                       bookworm                0.16.0-2            fixed
                       sid, trixie             0.19.0-1            fixed

The information below is based on the following data on fixed versions.

Package          Type     Release       Fixed Version       Urgency        Origin        Debian Bugs
libthrift-java   source   wheezy        (unfixed)           end-of-life
libthrift-java   source   jessie        0.9.1-2+deb8u1                     DLA-1662-1
libthrift-java   source   stretch       0.9.1-2.1~deb9u1
libthrift-java   source   (unstable)    0.9.1-2.1                                        918736

Notes

https://issues.apache.org/jira/browse/THRIFT-4506
https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e
