Your message dated Wed, 16 Mar 2005 21:47:30 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#298039: fixed in xli 1.17.0-17
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 4 Mar 2005 08:53:15 +0000
>From [EMAIL PROTECTED] Fri Mar 04 00:53:15 2005
Return-path: <[EMAIL PROTECTED]>
Received: from moutng.kundenserver.de [212.227.126.186]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D78Yd-00089v-00; Fri, 04 Mar 2005 00:53:15 -0800
Received: from bitz8.bitz.briteline.de[195.90.9.8] (helo=anton)
by mrelayeu.kundenserver.de with ESMTP (Nemesis),
id 0MKwpI-1D78Yc17fi-0006L6; Fri, 04 Mar 2005 09:53:14 +0100
Received: by anton (Postfix, from userid 2028)
id C6C4FB6EC4; Fri, 4 Mar 2005 09:53:13 +0100 (CET)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: =?iso-8859-15?q?Moritz_M=C3=BChlenhoff?= <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: xli: Multiple security problems in xli
X-Mailer: reportbug 2.26.1.1.200308291454
Date: Fri, 04 Mar 2005 09:53:13 +0100
Message-Id: <[EMAIL PROTECTED]>
X-Provags-ID: kundenserver.de [EMAIL PROTECTED]
login:4ad79d65ac46f2345c6ef2e856c1d9ef
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: xli
Version: 1.17.0-16 (not installed)
Severity: grave
Justification: user security hole
[Cc:ing security, as Woody should be affected as well]
Multiple security problems in xli have been found by the Gentoo Security folks:
1. Shell meta characters are inaccurately escaped in compressed images
2. A buffer overflow in "Faces Project images" parsing allows execution of
arbitrary code.
3. Insufficient validation of image properties in xli could potentially result
in buffer management errors (no further information given wrt the impact of
this vulnerability)
Fixes: All problems have been fixed in the latest xli (which doesn't have
overly many differences to the version in sid):
>Sun Feb 27 15:16:08 PST 2005
>
>Fix a security problem in the faces loader, a security problem when
>opening compressed files, and check for integer overflows in image data
>size calculations.
Note: There does only seem to be a CAN assignment for the faces overflow,
(CAN-2001-0775), not for the remaining issues. Could anyone from the
security team please request one?
Cheers,
Moritz
--
Moritz Muehlenhoff [EMAIL PROTECTED] fon: +49 421 22 232- 0
Development Linux for Your Business fax: +49 421 22 232-99
Univention GmbH http://www.univention.de/ mobil: +49 175 22 999 23
-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]
---------------------------------------
Received: (at 298039-close) by bugs.debian.org; 17 Mar 2005 03:10:13 +0000
>From [EMAIL PROTECTED] Wed Mar 16 19:10:13 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DBlMI-0007kK-00; Wed, 16 Mar 2005 19:07:38 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DBl2o-00070m-00; Wed, 16 Mar 2005 21:47:30 -0500
From: Graham Wilson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#298039: fixed in xli 1.17.0-17
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Wed, 16 Mar 2005 21:47:30 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Source: xli
Source-Version: 1.17.0-17
We believe that the bug you reported is fixed in the latest version of
xli, which is due to be installed in the Debian FTP archive:
xli_1.17.0-17.diff.gz
to pool/main/x/xli/xli_1.17.0-17.diff.gz
xli_1.17.0-17.dsc
to pool/main/x/xli/xli_1.17.0-17.dsc
xli_1.17.0-17_powerpc.deb
to pool/main/x/xli/xli_1.17.0-17_powerpc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Graham Wilson <[EMAIL PROTECTED]> (supplier of updated xli package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 08 Mar 2005 06:04:31 +0000
Source: xli
Binary: xli
Architecture: source powerpc
Version: 1.17.0-17
Distribution: unstable
Urgency: high
Maintainer: Graham Wilson <[EMAIL PROTECTED]>
Changed-By: Graham Wilson <[EMAIL PROTECTED]>
Description:
xli - view images under X11
Closes: 298039
Changes:
xli (1.17.0-17) unstable; urgency=high
.
* Fix some old and new security bugs. (closes: #298039)
.
* In face.c, use strncat instead of strcat, which won't overflow the image
name buffer in case the first and last names are too long. Addresses
CAN-2001-0775.
.
* In new.c, check that new*Image functions don't overflow when determining
how much memory to allocate for images.
.
* Use upstream's code to avoid an overflow in buildIndex, rather than the
code I wrote to fix #274310.
Files:
10f275b748124f5edd3ce8afe84c43f3 914 graphics optional xli_1.17.0-17.dsc
fdea256ca3de8a54f23cba8bce0d29da 19199 graphics optional xli_1.17.0-17.diff.gz
dd51c76c38b0a493d8c35ad9c3d23b39 152512 graphics optional
xli_1.17.0-17_powerpc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iQEVAwUBQjjtsC6fnYH5E4SWAQLd1AgAg1Ne3eXu1Fnk9MojDPAgGSmcGkKw5EuZ
vT+luO9g+mdr8Kg2R/meZuzmnhdk0+r33gIr9NPthH3Eu/OYDyL42Zcu91kw6TA2
WHtqcoQFU1YVl/CONSaGR8DNtNc88dxvU+dm9KKozKIcLKFnMZgkYL0kc9oFJ0il
qi1KbpZQ35DaSy2zwJQ9AkAT50h+FJHngz1INMnytDHkIqnDrGvFS8HXU6XE7zvi
yfOSRN3UJoOkXDTvfc3tbcKTtIlAjLg3T2dxcGs6XQNTpBI7jKZUeAPFLBguoYHO
d7DR2+2EpvQ565jsVk8yeMmnpkZtnoQYr7vZsMcyt5hYUuuURER8nw==
=szIM
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
