Debian Bug report logs - #580669
texlive-bin: Fix arbitrary code execution via memory corruption
Reported by: أحمد المحمودي <aelmahmoudy@sabily.org>
Date: Fri, 7 May 2010 16:06:02 UTC
Severity: grave
Tags: patch, security
Merged with 580668
Found in version 2009-5
Done: Norbert Preining <preining@logic.at>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian TeX Maintainers <debian-tex-maint@lists.debian.org>: Bug#580669; Package texlive-bin. (Fri, 07 May 2010 16:06:05 GMT)
Acknowledgement sent to أحمد المحمودي <aelmahmoudy@sabily.org>: New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian TeX Maintainers <debian-tex-maint@lists.debian.org>. (Fri, 07 May 2010 16:06:05 GMT)
Message #5 received at submit@bugs.debian.org:
Package: texlive-bin
Version: 2009-5
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu maverick ubuntu-patch
*** /tmp/tmpCGJT89
In Ubuntu, we've applied the attached patch to achieve the following:
  * SECURITY UPDATE: arbitrary code execution via memory corruption
    (LP: #537103)
    - debian/patches/security-CVE-2010-0827.patch: make sure name isn't
      too long in texk/dvipsk/virtualfont.c.
    - CVE-2010-0827
We thought you might be interested in doing the same.
-- System Information:
Debian Release: 5.0.4
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.18-6-xen-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
[tmpXgfAtP (text/x-diff, attachment)]
Merged 580668 580669. Request was from "Florian Weimer,,," <fw@deneb.enyo.de> to control@bugs.debian.org. (Fri, 07 May 2010 16:21:07 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Debian TeX Maintainers <debian-tex-maint@lists.debian.org>: Bug#580669; Package texlive-bin. (Sat, 08 May 2010 04:06:05 GMT)
Acknowledgement sent to Michael Gilbert <michael.s.gilbert@gmail.com>: Extra info received and forwarded to list. Copy sent to Debian TeX Maintainers <debian-tex-maint@lists.debian.org>. (Sat, 08 May 2010 04:06:05 GMT)
Message #12 received at 580669@bugs.debian.org:
hi, attached is a debdiff that fixes these issues. i am looking for a
sponsor. the package is at:
http://mentors.debian.net/debian/pool/main/t/texlive-bin
mike
[texlive.debdiff (application/octet-stream, attachment)]
Message #13 received at 580669-done@bugs.debian.org:
On Sa, 08 Mai 2010, Michael Gilbert wrote:
> hi, attached is a debdiff that fixes these issues. i am looking for a
> sponsor. the package is at:
> http://mentors.debian.net/debian/pool/main/t/texlive-bin
Fixed packages have been prepared long before the public announcement
of CVE-2010-1440 and the security team informed about the location
of the packages that were ready for upload. I couldn't do it myself
since I was offline.
(my email was from 1 May 2010, to security@debian.org)
It looks like at the security side of Debian nobody cared about me contacting
them about this issue (PING PING PING!!! any answer???)
Anyway, I have now myself uploaded 2009-6 of texlive-binaries and at the
same time an upload fixing the same issues for stable (into
stable-proposed-updates as discussed on the security list).
Anyway, thanks for your work.
Closing the two bugs since I did *NOT* rebuild the packages just to
add two bug numbers.
Best wishes
Norbert
------------------------------------------------------------------------
Norbert Preining preining@{jaist.ac.jp, logic.at, debian.org}
JAIST, Japan TU Wien, Austria Debian TeX Task Force
DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
------------------------------------------------------------------------
DUNGENESS (n.)
The uneasy feeling that the plastic handles of the overloaded
supermarket carrier bag you are carrying are getting steadily longer.
--- Douglas Adams, The Meaning of Liff
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 06 Jun 2010 07:35:02 GMT)
Last modified: Wed Jun 19 13:23:30 2019