Your message dated Fri, 11 Nov 2005 11:17:22 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#298183: fixed in lesstif1-1 1:0.93.94-12
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 5 Mar 2005 14:35:01 +0000
>From [EMAIL PROTECTED] Sat Mar 05 06:35:01 2005
Return-path: <[EMAIL PROTECTED]>
Received: from inutil.org (vserver151.vserver151.serverflex.de)
[193.22.164.111]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D7aMu-0002QM-00; Sat, 05 Mar 2005 06:35:00 -0800
Received: from pd958935d.dip.t-dialin.net ([217.88.147.93]
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.44)
id 1D7aMs-00055t-FB
for [EMAIL PROTECTED]; Sat, 05 Mar 2005 15:34:58 +0100
Received: from jmm by localhost.localdomain with local (Exim 4.50)
id 1D7aMp-000246-Bm
for [EMAIL PROTECTED]; Sat, 05 Mar 2005 15:34:55 +0100
Content-Type: multipart/mixed; boundary="===============2114963271=="
MIME-Version: 1.0
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: lesstif1-1: Further unfixed XPM buffer overflows (CAN-2005-0605)
X-Mailer: reportbug 3.8
Date: Sat, 05 Mar 2005 15:34:54 +0100
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: 217.88.147.93
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
This is a multi-part MIME message sent by reportbug.
--===============2114963271==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Package: lesstif1-1
Severity: grave
Tags: security, patch
Justification: user security hole
Quoting from a recent Gentoo security advisory:
> Chris Gilbert discovered potentially exploitable buffer overflow cases
> in libXpm that weren't fixed in previous libXpm security advisories.
This has been assigned CAN-2005-0605, Woody should be affected as
well.
The attached patch has been taken from Gentoo bugtracking, as the
lesstif CVS doesn't have a commit yet. Judging from the source I assume
that this fixes only lesstif2, but not lesstif1, am I correct?
Cheers,
Moritz
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
--===============2114963271==
Content-Type: text/x-c; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="lesstif-CAN-2005-0605.patch"
--- lesstif-0.94.0/lib/Xm-2.1/Xpmscan.c.orig 2005-03-02 17:00:16.415070960
+0100
+++ lesstif-0.94.0/lib/Xm-2.1/Xpmscan.c 2005-03-02 17:01:38.949709879 +0100
@@ -672,8 +672,8 @@
char *dst;
unsigned int *iptr;
char *data;
- unsigned int x, y, i;
- int bits, depth, ibu, ibpp, offset;
+ unsigned int x, y;
+ int bits, depth, ibu, ibpp, offset, i;
unsigned long lbt;
Pixel pixel, px;
@@ -684,6 +684,9 @@
ibpp = image->bits_per_pixel;
offset = image->xoffset;
+ if (image->bitmap_unit < 0)
+ return (XpmNoMemory);
+
if ((image->bits_per_pixel | image->depth) == 1) {
ibu = image->bitmap_unit;
for (y = 0; y < height; y++)
--- lesstif-0.94.0/lib/Xm-2.1/Xpmcreate.c.orig 2005-03-02 17:02:00.626412844
+0100
+++ lesstif-0.94.0/lib/Xm-2.1/Xpmcreate.c 2005-03-02 17:02:35.183562480
+0100
@@ -1265,10 +1265,10 @@
register char *src;
register char *dst;
register unsigned int *iptr;
- register unsigned int x, y, i;
+ register unsigned int x, y;
register char *data;
Pixel pixel, px;
- int nbytes, depth, ibu, ibpp;
+ int nbytes, depth, ibu, ibpp, i;
data = image->data;
iptr = pixelindex;
--===============2114963271==--
---------------------------------------
Received: (at 298183-close) by bugs.debian.org; 11 Nov 2005 19:26:01 +0000
>From [EMAIL PROTECTED] Fri Nov 11 11:26:01 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EaeOo-0000vj-Bp; Fri, 11 Nov 2005 11:17:22 -0800
From: Sam Hocevar (Debian packages) <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#298183: fixed in lesstif1-1 1:0.93.94-12
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Fri, 11 Nov 2005 11:17:22 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2
Source: lesstif1-1
Source-Version: 1:0.93.94-12
We believe that the bug you reported is fixed in the latest version of
lesstif1-1, which is due to be installed in the Debian FTP archive:
lesstif-dev_0.93.94-12_i386.deb
to pool/main/l/lesstif1-1/lesstif-dev_0.93.94-12_i386.deb
lesstif1-1_0.93.94-12.diff.gz
to pool/main/l/lesstif1-1/lesstif1-1_0.93.94-12.diff.gz
lesstif1-1_0.93.94-12.dsc
to pool/main/l/lesstif1-1/lesstif1-1_0.93.94-12.dsc
lesstif1_0.93.94-12_i386.deb
to pool/main/l/lesstif1-1/lesstif1_0.93.94-12_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sam Hocevar (Debian packages) <[EMAIL PROTECTED]> (supplier of updated
lesstif1-1 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 11 Nov 2005 16:07:34 +0100
Source: lesstif1-1
Binary: lesstif-dev lesstif1
Architecture: source i386
Version: 1:0.93.94-12
Distribution: unstable
Urgency: low
Maintainer: Sam Hocevar (Debian packages) <[EMAIL PROTECTED]>
Changed-By: Sam Hocevar (Debian packages) <[EMAIL PROTECTED]>
Description:
lesstif-dev - development library and header files for LessTif 1.2
lesstif1 - OSF/Motif 1.2 implementation released under LGPL
Closes: 279402 287187 294099 298183 299236 335132
Changes:
lesstif1-1 (1:0.93.94-12) unstable; urgency=low
.
* Acknowledge previous NMUs. Thanks a million to Joey Hess and Matej Vela
for their work (Closes: #294099, #298183, #299236, #279402, #287187).
* Upstream dropped support for lesstif1. This package will generate lesstif1
binaries only. When all Debian packages have been migrated to lesstif2 it
will be discontinued.
* debian/control:
+ Set policy to 3.6.2.1.
+ Build-depend on debhelper >= 4.0.
+ No longer build-depend on autoconf, automake and libtool
(Closes: #335132).
* Rebootstrapped "." and "test".
Files:
948f4b89b5889b4a3f6c6eb0a39b847d 760 libs optional lesstif1-1_0.93.94-12.dsc
f3d89e0f89995ccbc64bf51ea8a827d4 361215 libs optional
lesstif1-1_0.93.94-12.diff.gz
f4e01a69dd32775258ff71d8b362183c 603924 libs optional
lesstif1_0.93.94-12_i386.deb
8ed2ce8f8352e0a8850cf5f55da4308c 812750 libdevel optional
lesstif-dev_0.93.94-12_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDdNsEfPP1rylJn2ERAjqgAJ9DKhih+eE764cXKcH6EdUZ1pz0ugCfRq3D
KWciC3nZj8HLUCq0JEcyLIk=
=7Czj
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
