Your message dated Mon, 25 Aug 2008 21:18:55 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#496125: fixed in libxml2 2.6.32.dfsg-3 has caused the Debian Bug report #496125, regarding AI-written SVG icons cause segfaults?! to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 496125: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496125 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems
--- Begin Message ---Package: gnome-accessibility-themes Version: 2.22.2-1 Severity: important Yesterday, Midori (a GTK2/webkit-based web browser) started segfaulting on boot: $ strace midori 2>&1 | tail open("/home/twb/.local/share/midori/extensions", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY|O_CLOEXEC) = -1 ENOENT (No such file or directory) clock_gettime(CLOCK_MONOTONIC, {49547, 289959979}) = 0 clock_gettime(CLOCK_MONOTONIC, {49547, 294614521}) = 0 gettimeofday({1219456699, 984930}, NULL) = 0 open("/usr/share/icons/HighContrast-SVG/scalable/actions/gtk-find.svg", O_RDONLY|O_LARGEFILE) = 6 fstat64(6, {st_mode=S_IFREG|0644, st_size=2073, ...}) = 0 read(6, "<?xml version=\"1.0\" encoding=\"iso"..., 2073) = 2073 close(6) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ So I try opening that file (gtk-find.svg) in imagemagick: $ strace display /usr/share/icons/HighContrast-SVG/scalable/actions/gtk-find.svg 2>&1 | tail fstat64(4, {st_mode=S_IFREG|0644, st_size=2073, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f31000 read(4, "<?xml version=\"1.0\" encoding=\"iso"..., 4096) = 2073 read(4, ""..., 4096) = 0 _llseek(4, 0, [0], SEEK_SET) = 0 mmap2(NULL, 2073, PROT_READ, MAP_PRIVATE, 4, 0) = 0xb7f30000 close(4) = 0 munmap(0xb7f31000, 4096) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ Xzgv also segfaults right after reading the xml declaration: $ strace xzgv /usr/share/icons/HighContrast-SVG/scalable/actions/gtk-find.svg 2>&1 | tail mmap2(NULL, 65096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0xb6ed2000 mmap2(0xb6ee1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0xf) = 0xb6ee1000 close(5) = 0 munmap(0xb73b7000, 34054) = 0 _llseek(4, 0, [0], SEEK_SET) = 0 read(4, "<?xml version=\"1.0\" encoding=\"iso"..., 4096) = 2073 read(4, ""..., 4096) = 0 futex(0xb707c798, FUTEX_WAKE_PRIVATE, 2147483647) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ And yet they work correctly if I open gtk-fullscreen.svg, for example. Looking at some samples in Emacs suggests that all AI-written icons cause the segfault, and all Inkscape-written icons work correctly. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core) Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages gnome-accessibility-themes depends on: ii gtk2-engines 1:2.14.3-1 theme engines for GTK+ 2.x ii librsvg2-common 2.22.2-2 SAX-based renderer library for SVG gnome-accessibility-themes recommends no packages. gnome-accessibility-themes suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: libxml2 Source-Version: 2.6.32.dfsg-3 We believe that the bug you reported is fixed in the latest version of libxml2, which is due to be installed in the Debian FTP archive: libxml2-dbg_2.6.32.dfsg-3_amd64.deb to pool/main/libx/libxml2/libxml2-dbg_2.6.32.dfsg-3_amd64.deb libxml2-dev_2.6.32.dfsg-3_amd64.deb to pool/main/libx/libxml2/libxml2-dev_2.6.32.dfsg-3_amd64.deb libxml2-doc_2.6.32.dfsg-3_all.deb to pool/main/libx/libxml2/libxml2-doc_2.6.32.dfsg-3_all.deb libxml2-utils_2.6.32.dfsg-3_amd64.deb to pool/main/libx/libxml2/libxml2-utils_2.6.32.dfsg-3_amd64.deb libxml2_2.6.32.dfsg-3.diff.gz to pool/main/libx/libxml2/libxml2_2.6.32.dfsg-3.diff.gz libxml2_2.6.32.dfsg-3.dsc to pool/main/libx/libxml2/libxml2_2.6.32.dfsg-3.dsc libxml2_2.6.32.dfsg-3_amd64.deb to pool/main/libx/libxml2/libxml2_2.6.32.dfsg-3_amd64.deb python-libxml2_2.6.32.dfsg-3_amd64.deb to pool/main/libx/libxml2/python-libxml2_2.6.32.dfsg-3_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Hommey <[EMAIL PROTECTED]> (supplier of updated libxml2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 25 Aug 2008 22:01:17 +0200 Source: libxml2 Binary: libxml2 libxml2-utils libxml2-dev libxml2-dbg libxml2-doc python-libxml2 Architecture: source all amd64 Version: 2.6.32.dfsg-3 Distribution: unstable Urgency: high Maintainer: Debian XML/SGML Group <[EMAIL PROTECTED]> Changed-By: Mike Hommey <[EMAIL PROTECTED]> Description: libxml2 - GNOME XML library libxml2-dbg - Debugging symbols for the GNOME XML library libxml2-dev - Development files for the GNOME XML library libxml2-doc - Documentation for the GNOME XML library libxml2-utils - XML utilities python-libxml2 - Python bindings for the GNOME XML library Closes: 496125 Changes: libxml2 (2.6.32.dfsg-3) unstable; urgency=high . * Fix DoS which leads to recursive evaluation of entities. Fixes: CVE-2008-3281, without breaking librsvg and others. Closes: #496125. Checksums-Sha1: 2e760d367906f7ef0e0f95f2ac402e8729c76e65 1316 libxml2_2.6.32.dfsg-3.dsc 3daaf05086eb21bb9241e9534c2d8d44574a054f 80290 libxml2_2.6.32.dfsg-3.diff.gz 9150d6354a635148615673330d4dbe2a54a72b64 1341996 libxml2-doc_2.6.32.dfsg-3_all.deb fdd694cc46a421888403a1633c5510486ac0f1a6 859642 libxml2_2.6.32.dfsg-3_amd64.deb ccfc109f58909ea146a796d3d4493714cd0e1815 37392 libxml2-utils_2.6.32.dfsg-3_amd64.deb a3bfaee27e74a7843166a0e707dee145d45c24b3 774596 libxml2-dev_2.6.32.dfsg-3_amd64.deb 320558fc0ddda2a6b5342e2fe10b4c0d16c135ef 988426 libxml2-dbg_2.6.32.dfsg-3_amd64.deb 81dbe795777d139935b5e2ba943c4cf449e273c9 295344 python-libxml2_2.6.32.dfsg-3_amd64.deb Checksums-Sha256: 1f933b777546bd7cdd95643a6e71c97d7750f6445fba7c461c3afb000db70085 1316 libxml2_2.6.32.dfsg-3.dsc b95151d38c86d5cefbad7642b6240e4839c10a19dc4b2bf83d40da2fd29f2526 80290 libxml2_2.6.32.dfsg-3.diff.gz f3583b229010e45f46bce230b9d3253258119ce7aa6332ac293d7bfe87b78a8a 1341996 libxml2-doc_2.6.32.dfsg-3_all.deb 43bb3761e5ae8bc42ec6ff2f508fb9b532a87775728e20e3d1e3f43677e7c489 859642 libxml2_2.6.32.dfsg-3_amd64.deb 92b56f93a05538b6f4aa28733ac99af0773213c258abb743238167991cfb4a71 37392 libxml2-utils_2.6.32.dfsg-3_amd64.deb 866e22a3b435dd5737b292e4fda6cf8ff0a2c01d39b888ad4c88f17a67f397b0 774596 libxml2-dev_2.6.32.dfsg-3_amd64.deb 9c80aa4f100205136da5d6da8c26773c5b05747d152fa769e93c56d25565a17b 988426 libxml2-dbg_2.6.32.dfsg-3_amd64.deb 7e51a65cfdfe938f4a8eb6b6f172c026bde15ad1cbbbc4c02bb5d1086d7dfd12 295344 python-libxml2_2.6.32.dfsg-3_amd64.deb Files: 302068c096d8fba6725a385e1f9150c9 1316 libs optional libxml2_2.6.32.dfsg-3.dsc 9f086387f32b036909e263134dabe742 80290 libs optional libxml2_2.6.32.dfsg-3.diff.gz 4b7bf63100e121ff932966261f574882 1341996 doc optional libxml2-doc_2.6.32.dfsg-3_all.deb 73ce8c7ead1f98119efdb2544050c732 859642 libs optional libxml2_2.6.32.dfsg-3_amd64.deb 48e83517e3c85cad0083ad5e6771b643 37392 text optional libxml2-utils_2.6.32.dfsg-3_amd64.deb 8eac4cbf3a4bee9465181e4c74adb56d 774596 libdevel optional libxml2-dev_2.6.32.dfsg-3_amd64.deb 4b019ca5522090c118f2b169adb75350 988426 libdevel extra libxml2-dbg_2.6.32.dfsg-3_amd64.deb b48a6580d51dc2d0c6ed6a9187065dc0 295344 python optional python-libxml2_2.6.32.dfsg-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIsxcZ3kvaLFT9KlgRAjhnAJ42+CZXM97mB9lsUvMcjk7DObchPACgg80U uyDN/t7LrTLsPht+4WPsKXE= =so5o -----END PGP SIGNATURE-----
--- End Message ---
