Debian Bug report logs - #506261 enscript: Buffer overflows
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 19 Nov 2008 22:30:05 UTC
Severity: grave
Tags: security
Found in version enscript/1.6.4-12
Fixed in versions enscript/1.6.4-13, enscript/1.6.4-11.1
Done: Tim Retout <tim@retout.co.uk>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Tim Retout <tim@retout.co.uk>: Bug#506261; Package enscript. (Wed, 19 Nov 2008 22:30:07 GMT)
Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>: New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Tim Retout <tim@retout.co.uk>. (Wed, 19 Nov 2008 22:30:08 GMT)
Message #5 received at submit@bugs.debian.org:
Package: enscript
Version: 1.6.4-12
Severity: grave
Tags: security
Justification: user security hole
Hi,
buffer overflows have been discovered in enscript:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4306
I'm attaching a patch by Werner Fink of SuSE covering these
issues.
Cheers,
Moritz
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages enscript depends on:
ii libc6 2.7-15 GNU C Library: Shared libraries
ii libpaper1 1.1.23+nmu1 library for handling paper charact
enscript recommends no packages.
Versions of packages enscript suggests:
ii ghostscript [postscript- 8.62.dfsg.1-3.1 The GPL Ghostscript PostScript/PDF
ii lpr 1:2008.05.17 BSD lpr/lpd line printer spooling
-- no debconf information
[enscript-security.patch (text/x-c, attachment)]
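Added illustration (editor's example, not part of this bug log and not enscript's source): the bug class named in the report is a stack-based buffer overflow while a text-to-PostScript filter copies the argument of a special escape, such as ^@epsf{file}, into a fixed-size buffer. The log does not say where enscript's overflows sit or how Werner Fink's patch fixes them, so the buffer size ARG_MAX, the two function names, the rejected-argument helper and the sample inputs below are all assumptions made for the illustration. The vulnerable form and the bounded form are shown side by side so the missing check is visible.

```c
/*
 * Constructed illustration of the bug class behind Debian #506261 (stack-based
 * buffer overflow while parsing a special escape argument). This is example
 * code, NOT enscript's source: the bug log says only that enscript 1.6.4 had
 * buffer overflows (CVE-2008-3863, CVE-2008-4306) and that the ^@epsf escape
 * was involved. ARG_MAX, the function names and the inputs are assumptions.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ARG_MAX 64   /* assumed size of the fixed stack buffer for an argument */

/*
 * Vulnerable form: copy the text between '{' and '}' starting at *p into
 * out[ARG_MAX], then advance *p past the closing brace. Nothing bounds the
 * copy, so an argument of ARG_MAX or more bytes in the input file overwrites
 * whatever follows the buffer on the caller's stack (return address included).
 * Only call this with inputs known to be short; it is here for contrast.
 */
static int read_escape_arg_unsafe(const char **p, char out[ARG_MAX])
{
    const char *s = *p;
    size_t n = 0;

    if (*s != '{')
        return -1;
    s++;
    while (*s != '\0' && *s != '}')
        out[n++] = *s++;      /* no check that n < ARG_MAX - 1 */
    out[n] = '\0';
    if (*s != '}')
        return -1;
    *p = s + 1;
    return (int)n;
}

/*
 * Hardened form: same contract, but an argument that would not fit together
 * with its terminating NUL, or that is unterminated, is rejected with -1; the
 * buffer is left as an empty string and *p is not advanced, so the caller can
 * discard the escape instead of acting on a truncated file name.
 */
static int read_escape_arg_safe(const char **p, char out[ARG_MAX])
{
    const char *s = *p;
    size_t n = 0;

    out[0] = '\0';
    if (*s != '{')
        return -1;
    s++;
    while (*s != '\0' && *s != '}') {
        if (n + 1 >= ARG_MAX) {   /* would leave no room for the NUL */
            out[0] = '\0';
            return -1;
        }
        out[n++] = *s++;
    }
    if (*s != '}') {              /* unterminated argument */
        out[0] = '\0';
        return -1;
    }
    out[n] = '\0';
    *p = s + 1;
    return (int)n;
}

/* Returns 1 if the argument at p would be rejected by the hardened parser
 * (too long or unterminated), 0 otherwise: a pre-check that never copies
 * past the buffer. */
static int escape_arg_rejected(const char *p)
{
    char tmp[ARG_MAX];
    return read_escape_arg_safe(&p, tmp) < 0;
}

int main(void)
{
    char buf[ARG_MAX];
    char line[128];
    const char *p;

    /* Constructed input: a short argument, as in ^@epsf{logo.eps}. */
    p = "{logo.eps} trailing text";
    printf("safe:   %d -> \"%s\"\n", read_escape_arg_safe(&p, buf), buf);
    p = "{logo.eps} trailing text";
    printf("unsafe: %d -> \"%s\"\n", read_escape_arg_unsafe(&p, buf), buf);

    /* Constructed input: a 100-byte argument, well past ARG_MAX. */
    line[0] = '{';
    memset(line + 1, 'A', 100);
    line[101] = '}';
    line[102] = '\0';
    p = line;
    printf("safe on overlong argument: %d (rejected=%d)\n",
           read_escape_arg_safe(&p, buf), escape_arg_rejected(line));
    /* read_escape_arg_unsafe(&p, buf) on this input would smash the stack. */
    return 0;
}
```

Building with -fstack-protector turns the unsafe path into an abort rather than a silent stack corruption, which is a mitigation, not a fix; the bounded parser is the fix, and note that it refuses rather than truncates, since a silently truncated file name can still point at the wrong file.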
Information forwarded to debian-bugs-dist@lists.debian.org, Tim Retout <tim@retout.co.uk>: Bug#506261; Package enscript. (Wed, 19 Nov 2008 22:45:03 GMT)
Acknowledgement sent to Florian Weimer <fw@deneb.enyo.de>: Extra info received and forwarded to list. Copy sent to Tim Retout <tim@retout.co.uk>. (Wed, 19 Nov 2008 22:45:03 GMT)
Message #10 received at 506261@bugs.debian.org:
* Moritz Muehlenhoff:
> Hi,
> buffer overflows have been discovered in enscript:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4306
>
> I'm attaching a patch by Werner Fink of SuSE covering these
> issues.
While you are at it, please update the manpage regarding the epsf
special escape (command execution is no longer possible).
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#506261; Package enscript. (Wed, 19 Nov 2008 22:54:14 GMT)
Acknowledgement sent to Tim Retout <tim@retout.co.uk>: Extra info received and forwarded to list. (Wed, 19 Nov 2008 22:54:14 GMT)
Message #15 received at 506261@bugs.debian.org:
On Wed, 2008-11-19 at 23:29 +0100, Moritz Muehlenhoff wrote:
> Package: enscript
> Version: 1.6.4-12
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
> buffer overflows have been discovered in enscript:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4306
>
> I'm attaching a patch by Werner Fink of SuSE covering these
> issues.
Thanks. There go my hopes for a quiet lenny release. :)
I'm just building a patched package. I can look at the manpage issue as
well, but it's quite late here.
--
Tim Retout <tim@retout.co.uk>
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#506261; Package enscript. (Wed, 19 Nov 2008 23:06:02 GMT)
Acknowledgement sent to Tim Retout <tim@retout.co.uk>: Extra info received and forwarded to list. (Wed, 19 Nov 2008 23:06:02 GMT)
Message #20 received at 506261@bugs.debian.org:
On Wed, 2008-11-19 at 23:29 +0100, Moritz Muehlenhoff wrote:
> I'm attaching a patch by Werner Fink of SuSE covering these
> issues.
How does this debdiff look?
--
Tim Retout <tim@retout.co.uk>
[enscript.diff (text/x-patch, attachment)]
Information forwarded to debian-bugs-dist@lists.debian.org: Bug#506261; Package enscript. (Thu, 20 Nov 2008 23:21:03 GMT)
Acknowledgement sent to Tim Retout <tim@retout.co.uk>: Extra info received and forwarded to list. (Thu, 20 Nov 2008 23:21:03 GMT)
Message #25 received at 506261@bugs.debian.org:
On Wed, 2008-11-19 at 23:29 +0100, Moritz Muehlenhoff wrote:
> Package: enscript
> Version: 1.6.4-12
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
> buffer overflows have been discovered in enscript:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4306
>
> I'm attaching a patch by Werner Fink of SuSE covering these
> issues.
Right, lamby is sponsoring this for me. I added the CVE numbers to the
changelog entry and the patch header.
Would you like a package for stable-security?
--
Tim Retout <tim@retout.co.uk>
Reply sent to Tim Retout <tim@retout.co.uk>: You have taken responsibility. (Thu, 20 Nov 2008 23:57:05 GMT)
Notification sent to Moritz Muehlenhoff <jmm@debian.org>: Bug acknowledged by developer. (Thu, 20 Nov 2008 23:57:06 GMT)
Message #30 received at 506261-close@bugs.debian.org:
Source: enscript
Source-Version: 1.6.4-13
We believe that the bug you reported is fixed in the latest version of
enscript, which is due to be installed in the Debian FTP archive:
enscript_1.6.4-13.diff.gz
to pool/main/e/enscript/enscript_1.6.4-13.diff.gz
enscript_1.6.4-13.dsc
to pool/main/e/enscript/enscript_1.6.4-13.dsc
enscript_1.6.4-13_amd64.deb
to pool/main/e/enscript/enscript_1.6.4-13_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 506261@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tim Retout <tim@retout.co.uk> (supplier of updated enscript package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 19 Nov 2008 22:45:35 +0000
Source: enscript
Binary: enscript
Architecture: source amd64
Version: 1.6.4-13
Distribution: unstable
Urgency: high
Maintainer: Tim Retout <tim@retout.co.uk>
Changed-By: Tim Retout <tim@retout.co.uk>
Description:
enscript - Converts ASCII text to Postscript, HTML, RTF or Pretty-Print
Closes: 506261
Changes:
enscript (1.6.4-13) unstable; urgency=high
.
* debian/patches/506261-buffer-overflows: New patch by Werner Fink to fix
buffer overflows: CVE-2008-3863, CVE-2008-4306. (Closes: #506261)
* Urgency set to "high" for RC security bugfix.
Checksums-Sha1:
b426e990a686dce46781fc3f8cce27016352f1c4 1010 enscript_1.6.4-13.dsc
024a1cf82af439963f71974947333a75ac090b26 93092 enscript_1.6.4-13.diff.gz
f7878a4a6155de1740eea8eb1c75afe37557783a 536804 enscript_1.6.4-13_amd64.deb
Checksums-Sha256:
a09d3f6db4ddf87bfdd9a65d149700b8abc1e999766978db80e8459aef7791c2 1010 enscript_1.6.4-13.dsc
b9721fe5435d6f1fa6113313738a549e580dd59d2319ad1d8d4af52d62a89892 93092 enscript_1.6.4-13.diff.gz
dc59c254b96540e9fb631ad72cb716827e81505dc6554c430a1243623d46a93e 536804 enscript_1.6.4-13_amd64.deb
Files:
47bc977491f403de90ff249249d339e9 1010 text optional enscript_1.6.4-13.dsc
45124974a746d0bef4cbf0b6e9523257 93092 text optional enscript_1.6.4-13.diff.gz
ef9291593d4dd06bb305602e624f6057 536804 text optional enscript_1.6.4-13_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkkl8OQACgkQ5/8uW2NPmiAOUgCfUfql//D6kC/rw0L/YZJEYHKw
srsAn3iziP+l+OdrCfe4cjXyh4nHXSkF
=7hpo
-----END PGP SIGNATURE-----
Reply sent to Tim Retout <tim@retout.co.uk>: You have taken responsibility. (Thu, 04 Dec 2008 20:03:12 GMT)
Notification sent to Moritz Muehlenhoff <jmm@debian.org>: Bug acknowledged by developer. (Thu, 04 Dec 2008 20:03:13 GMT)
Message #35 received at 506261-close@bugs.debian.org:
Source: enscript
Source-Version: 1.6.4-11.1
We believe that the bug you reported is fixed in the latest version of
enscript, which is due to be installed in the Debian FTP archive:
enscript_1.6.4-11.1.diff.gz
to pool/main/e/enscript/enscript_1.6.4-11.1.diff.gz
enscript_1.6.4-11.1.dsc
to pool/main/e/enscript/enscript_1.6.4-11.1.dsc
enscript_1.6.4-11.1_i386.deb
to pool/main/e/enscript/enscript_1.6.4-11.1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 506261@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tim Retout <tim@retout.co.uk> (supplier of updated enscript package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 23 Nov 2008 18:10:35 +0000
Source: enscript
Binary: enscript
Architecture: source i386
Version: 1.6.4-11.1
Distribution: stable-security
Urgency: high
Maintainer: Christoph Berg <myon@debian.org>
Changed-By: Tim Retout <tim@retout.co.uk>
Description:
enscript - Converts ASCII text to Postscript, HTML, RTF or Pretty-Print
Closes: 506261
Changes:
enscript (1.6.4-11.1) stable-security; urgency=high
.
* debian/patches/506261-buffer-overflows: New patch by Werner Fink to fix
buffer overflows: CVE-2008-3863, CVE-2008-4306. (Closes: #506261)
* Urgency set to "high" for RC security bugfix.
Files:
b5e8009c5ef20c0bf2089e3c43881daf 631 text optional enscript_1.6.4-11.1.dsc
b5174b59e4a050fb462af5dbf28ebba3 1036734 text optional enscript_1.6.4.orig.tar.gz
87e85119b278fa214b29f84eda3944a4 91162 text optional enscript_1.6.4-11.1.diff.gz
a2d60b314df3903c55d427f6c30aa0b4 487696 text optional enscript_1.6.4-11.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkkpvtsACgkQXm3vHE4uylrWzQCeLrwrvtf9tFcIOI5ibcDoHJUg
eWkAoJ6cr1Hk/DRLVb+UBMpDzhZD2UDn
=65V2
-----END PGP SIGNATURE-----
Reply sent to Tim Retout <tim@retout.co.uk>: You have taken responsibility. (Wed, 17 Dec 2008 21:33:05 GMT)
Notification sent to Moritz Muehlenhoff <jmm@debian.org>: Bug acknowledged by developer. (Wed, 17 Dec 2008 21:33:06 GMT)
Message #40 received at 506261-close@bugs.debian.org:
(Body identical to Message #35 above: the enscript 1.6.4-11.1 stable-security upload, changes file dated Sun, 23 Nov 2008 18:10:35 +0000, same files and checksums.)
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Jul 2011 07:38:45 GMT)
Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:06:57 2019.