Your message dated Sun, 13 Mar 2005 13:02:57 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#278282: fixed in gs-common 0.3.7
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 25 Oct 2004 21:02:54 +0000
>From [EMAIL PROTECTED] Mon Oct 25 14:02:54 2004
Return-path: <[EMAIL PROTECTED]>
Received: from kitenet.net [64.62.161.42] (postfix)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CMBzS-0000wJ-00; Mon, 25 Oct 2004 14:02:54 -0700
Received: from dragon.kitenet.net (unknown [66.168.94.144])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "Joey Hess", Issuer "Joey Hess" (verified OK))
by kitenet.net (Postfix) with ESMTP id 20D5717E06
for <[EMAIL PROTECTED]>; Mon, 25 Oct 2004 21:02:51 +0000 (GMT)
Received: by dragon.kitenet.net (Postfix, from userid 1000)
id 1E2D16E13C; Mon, 25 Oct 2004 17:03:59 -0400 (EDT)
Date: Mon, 25 Oct 2004 17:03:59 -0400
From: Joey Hess <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: multiple insecure temporary file vulnerabilities
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="x+6KMIRAuhnl3hBn"
Content-Disposition: inline
X-Reportbug-Version: 3.0
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
--x+6KMIRAuhnl3hBn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: gs-common
Version: 0.3.6
Severity: serious
Tags: security
CAN-2004-0967 describes multiple insecure uses of temporary files in
programs ghostscript:
The (1) pj-gs.sh, ps2epsi(2) , (3) pv.sh, and (4) sysvlp.sh scripts in th=
e ESP
Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and
possibly other operating systems, allow local users to overwrite files vi=
a a
symlink attack on temporary files.
Of these, ps2epsi and pv.sh were all I could find in Debian, in the
gs-common package.=20
ps2epsi is clearly vulnerable:
tmpfile=3D/tmp/ps2epsi$$
I think this part of pv.sh is vulnerable, if it happens to be run in /tmp or
another world-writable directory.
dvips -p $PAGE -n 1 $FILE $* -o $FILE.$$.pv
There's a patch here:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=3D136321
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: LANG=3Den_US, LC_CTYPE=3Den_US (charmap=3DISO-8859-1)
Versions of packages gs-common depends on:
ii debconf 1.4.39 Debian configuration managemen=
t sy
ii debianutils 2.10.3 Miscellaneous utilities specif=
ic t
ii defoma 0.11.8-0.1 Debian Font Manager -- automat=
ic f
ii gs 8.01-5 Transitional package
ii gs-gpl [gs] 8.01-5 The GPL Ghostscript PostScript=
int
ii gsfonts 8.14+v8.11-0.1 Fonts for the Ghostscript inte=
rpre
-- no debconf information
--=20
see shy jo
--x+6KMIRAuhnl3hBn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBfWo+d8HHehbQuO8RAk1iAJ9lr/8SUNT6TxMnjhfZ2tStZjHjSgCfV8JN
s8z9PQImVhYSlU93E+TyhnQ=
=49nA
-----END PGP SIGNATURE-----
--x+6KMIRAuhnl3hBn--
---------------------------------------
Received: (at 278282-close) by bugs.debian.org; 13 Mar 2005 18:10:31 +0000
>From [EMAIL PROTECTED] Sun Mar 13 10:10:31 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DAXXr-0002JH-00; Sun, 13 Mar 2005 10:10:31 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DAXQX-0008Mh-00; Sun, 13 Mar 2005 13:02:57 -0500
From: Masayuki Hatta (mhatta) <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#278282: fixed in gs-common 0.3.7
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 13 Mar 2005 13:02:57 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 2
Source: gs-common
Source-Version: 0.3.7
We believe that the bug you reported is fixed in the latest version of
gs-common, which is due to be installed in the Debian FTP archive:
gs-common_0.3.7.dsc
to pool/main/g/gs-common/gs-common_0.3.7.dsc
gs-common_0.3.7.tar.gz
to pool/main/g/gs-common/gs-common_0.3.7.tar.gz
gs-common_0.3.7_all.deb
to pool/main/g/gs-common/gs-common_0.3.7_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Masayuki Hatta (mhatta) <[EMAIL PROTECTED]> (supplier of updated gs-common
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 13 Mar 2005 15:53:43 +0900
Source: gs-common
Binary: gs-common
Architecture: source all
Version: 0.3.7
Distribution: unstable
Urgency: low
Maintainer: Masayuki Hatta (mhatta) <[EMAIL PROTECTED]>
Changed-By: Masayuki Hatta (mhatta) <[EMAIL PROTECTED]>
Description:
gs-common - Common files for different Ghostscript releases
Closes: 278282 290169
Changes:
gs-common (0.3.7) unstable; urgency=low
.
* New upstream release, based on GPL gs 8.15.
* Acknowledged NMU, thanks guys - closes:#278282
* Fixed copyright information - closes: #290169
Files:
b6aa4e543f800accb45613300258e92f 571 text optional gs-common_0.3.7.dsc
aac1335bef22c1923126d511bc616680 33138 text optional gs-common_0.3.7.tar.gz
1adc90bba3dabc5f91eec5be7f292a39 47918 text optional gs-common_0.3.7_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCNHyhy2+jQOcHWlQRAvf+AJ9Lu52e/PDGQCfdfZFo889SZ+/JYwCgnvMC
VG0g0YkwAaWUMbabnS8KKx4=
=6wg4
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
