Your message dated Sun, 04 Mar 2007 11:39:57 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#411944: fixed in ekiga 2.0.3-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: ekiga
Version: 2.0.3-2
Severity: grave
Tags: patch, security, fixed-upstream
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1006 says:
"Multiple format string vulnerabilities in the
gm_main_window_flash_message function in Ekiga before 2.0.5 allow
attackers to cause a denial of service and possibly execute arbitrary
code via a crafted Q.931 SETUP packet."
See attached patch for upstream fix.
--
Kees Cook @outflux.net
Index: urlhandler.cpp
===================================================================
--- urlhandler.cpp (revision 4825)
+++ urlhandler.cpp (revision 4826)
@@ -532,13 +532,13 @@
if (call_address.Find ("+type=directory") != P_MAX_INDEX) {
- gm_main_window_flash_message (main_window, _("User not found"));
+ gm_main_window_flash_message (main_window, "%s", _("User not found"));
call_history_item->end_reason = g_strdup (_("User not found"));
endpoint->SetCallingState (GMManager::Standby);
}
else {
- gm_main_window_flash_message (main_window, _("Failed to call user"));
+ gm_main_window_flash_message (main_window, "%s", _("Failed to call user"));
call_history_item->end_reason = g_strdup (_("Failed to call user"));
}
Index: manager.cpp
===================================================================
--- manager.cpp (revision 4825)
+++ manager.cpp (revision 4826)
@@ -715,7 +715,7 @@
gnomemeeting_threads_enter ();
msg = g_strdup_printf (_("Forwarding call to %s"),
(const char*) forward_party);
- gm_main_window_flash_message (main_window, msg);
+ gm_main_window_flash_message (main_window, "%s", msg);
gm_history_window_insert (history_window, msg);
gnomemeeting_threads_leave ();
g_free (msg);
@@ -873,7 +873,7 @@
/* Update the log and status bar */
msg = g_strdup_printf (_("Call from %s"), (const char *) utf8_name);
gnomemeeting_threads_enter ();
- gm_main_window_flash_message (main_window, msg);
+ gm_main_window_flash_message (main_window, "%s", msg);
gm_chat_window_push_info_message (chat_window, NULL, msg);
gm_history_window_insert (history_window, msg);
gnomemeeting_threads_leave ();
@@ -913,7 +913,7 @@
/* Display the action message */
gnomemeeting_threads_enter ();
if (short_reason)
- gm_main_window_flash_message (main_window, short_reason);
+ gm_main_window_flash_message (main_window, "%s", short_reason);
if (long_reason)
gm_history_window_insert (history_window, long_reason);
gnomemeeting_threads_leave ();
@@ -1061,7 +1061,7 @@
msg = g_strdup_printf (_("Connected with %s"), utf8_name);
gm_main_window_set_status (main_window, utf8_name);
gm_main_window_set_panel_section (main_window, CALL);
- gm_main_window_flash_message (main_window, msg);
+ gm_main_window_flash_message (main_window, "%s", msg);
gm_chat_window_push_info_message (chat_window, NULL, msg);
gm_main_window_update_calling_state (main_window, GMManager::Connected);
gm_chat_window_update_calling_state (chat_window,
@@ -1351,7 +1351,7 @@
gm_calls_history_item_free (call_history_item);
gm_history_window_insert (history_window, msg_reason);
- gm_main_window_flash_message (main_window, msg_reason);
+ gm_main_window_flash_message (main_window, "%s", msg_reason);
gm_chat_window_push_info_message (chat_window, NULL, "");
gnomemeeting_threads_leave ();
Index: sip.cpp
===================================================================
--- sip.cpp (revision 4825)
+++ sip.cpp (revision 4826)
@@ -319,7 +319,7 @@
#endif
gm_history_window_insert (history_window, msg);
- gm_main_window_flash_message (main_window, msg);
+ gm_main_window_flash_message (main_window, "%s", msg);
if (endpoint.GetCallingState() == GMManager::Standby)
gm_main_window_set_account_info (main_window,
endpoint.GetRegisteredAccounts());
--- End Message ---
--- Begin Message ---
Source: ekiga
Source-Version: 2.0.3-3
We believe that the bug you reported is fixed in the latest version of
ekiga, which is due to be installed in the Debian FTP archive:
ekiga_2.0.3-3.diff.gz
to pool/main/e/ekiga/ekiga_2.0.3-3.diff.gz
ekiga_2.0.3-3.dsc
to pool/main/e/ekiga/ekiga_2.0.3-3.dsc
ekiga_2.0.3-3_i386.deb
to pool/main/e/ekiga/ekiga_2.0.3-3_i386.deb
gnomemeeting_2.0.3-3_all.deb
to pool/main/e/ekiga/gnomemeeting_2.0.3-3_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Loic Minier <[EMAIL PROTECTED]> (supplier of updated ekiga package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 4 Mar 2007 11:31:43 +0100
Source: ekiga
Binary: gnomemeeting ekiga
Architecture: source i386 all
Version: 2.0.3-3
Distribution: unstable
Urgency: high
Maintainer: Kilian Krause <[EMAIL PROTECTED]>
Changed-By: Loic Minier <[EMAIL PROTECTED]>
Description:
ekiga - H.323 and SIP compatible VOIP client
gnomemeeting - Dummy transition package of GnomeMeeting for Ekiga
Closes: 399336 411944
Changes:
ekiga (2.0.3-3) unstable; urgency=high
.
[ Kilian Krause ]
* Add transparency to tray icon. (Closes: #399336)
.
[ Loic Minier ]
* Merge diff from 2.0.3-2.1 NMU; thanks Martin Zobel-Helas; closes: #411944.
* Bump up Standards-Version to 3.7.2.
* Remove trailing whitespace in rules and control.
* Add a dummy gnomemeeting transition package; add .install file, rename
other debhelper files with an "ekiga." prefix.
* Add gnomemeeting.NEWS to explain the transition.
Files:
4fa65fb5f9f0f5f669844a0ab4378cae 1734 gnome optional ekiga_2.0.3-3.dsc
f1fdf0a967fc970a98cfd7715fb248fb 15761 gnome optional ekiga_2.0.3-3.diff.gz
8057371fcdb91c754ad36c7a0569f96f 5497414 gnome optional ekiga_2.0.3-3_i386.deb
ecbb3afefe95211fc36d58b9761f1cad 141692 gnome optional
gnomemeeting_2.0.3-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFF6qEs4VUX8isJIMARAgVlAJoDzA5Y7oDl6cw6ypWszsbckIXxlgCeOkHd
zby3BjCXXpMpQNKVQvnJKxM=
=rSrf
-----END PGP SIGNATURE-----
--- End Message ---
