Bug#466850: marked as done (gpsk31: buffer overflow reading config file)

Tue, 26 Feb 2008 01:48:10 -0800 

Your message dated Tue, 26 Feb 2008 09:02:15 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#466850: fixed in gpsk31 0.3.2-1
has caused the Debian Bug report #466850,
regarding gpsk31: buffer overflow reading config file
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
466850: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466850
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message --- 
Package: gpsk31
Version: 0.3-1
Severity: normal


There are a buffer overflow in the conf file if just over 19 characters
are set to the options like 'name' or 'qth'. For example, if the qth
string is longer than 19 chars, the callsign gets overwrited, as
follows:
- set callsingn = "BBBBB"
- set qth = "AAAAAAAAAAAAAAAAAAAAAAAAAAAA"
- run the program
- go to Send -> MyCall 
and you'll get AAA instead of the callsign.

Other options are susceptible to this bug too.

At least, a warning note must be placed in the conf. file example
itself.

73s, LU2DFM



-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.24-1-amd64 (SMP w/1 CPU core)
Locale: LANG=es_AR, LC_CTYPE=es_AR (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages gpsk31 depends on:
ii  libatk1.0-0             1.20.0-1         The ATK accessibility toolkit
ii  libc6                   2.7-8            GNU C Library: Shared libraries
ii  libcairo2               1.4.14-1         The Cairo 2D vector graphics libra
ii  libfontconfig1          2.5.0-2          generic font configuration library
ii  libgcc1                 1:4.3-20080202-1 GCC support library
ii  libglib2.0-0            2.14.6-1         The GLib library of C routines
ii  libgtk2.0-0             2.12.8-1         The GTK+ graphical user interface 
ii  libpango1.0-0           1.18.4-1         Layout and rendering of internatio
ii  libstdc++6              4.3-20080202-1   The GNU Standard C++ Library v3
ii  libx11-6                2:1.0.3-7        X11 client-side library
ii  libxcursor1             1:1.1.9-1        X cursor management library
ii  libxext6                1:1.0.3-2        X11 miscellaneous extension librar
ii  libxfixes3              1:4.0.3-2        X11 miscellaneous 'fixes' extensio
ii  libxi6                  2:1.1.3-1        X11 Input extension library
ii  libxinerama1            1:1.0.2-1        X11 Xinerama extension library
ii  libxrandr2              2:1.2.2-1        X11 RandR extension library
ii  libxrender1             1:0.9.4-1        X Rendering Extension client libra

gpsk31 recommends no packages.

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: gpsk31
Source-Version: 0.3.2-1

We believe that the bug you reported is fixed in the latest version of
gpsk31, which is due to be installed in the Debian FTP archive:

gpsk31_0.3.2-1.diff.gz
  to pool/main/g/gpsk31/gpsk31_0.3.2-1.diff.gz
gpsk31_0.3.2-1.dsc
  to pool/main/g/gpsk31/gpsk31_0.3.2-1.dsc
gpsk31_0.3.2-1_i386.deb
  to pool/main/g/gpsk31/gpsk31_0.3.2-1_i386.deb
gpsk31_0.3.2.orig.tar.gz
  to pool/main/g/gpsk31/gpsk31_0.3.2.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joop Stakenborg <[EMAIL PROTECTED]> (supplier of updated gpsk31 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 25 Feb 2008 21:29:36 +0100
Source: gpsk31
Binary: gpsk31
Architecture: source i386
Version: 0.3.2-1
Distribution: unstable
Urgency: low
Maintainer: Joop Stakenborg <[EMAIL PROTECTED]>
Changed-By: Joop Stakenborg <[EMAIL PROTECTED]>
Description: 
 gpsk31     - A gtk based psk31
Closes: 466850
Changes: 
 gpsk31 (0.3.2-1) unstable; urgency=low
 .
   * New upstream release.
   * Fixes buffer overflow reading config file. Closes: #466850.
   * New maintainer.
   * Add Uploaders field to the control file with Carlos Barros, who is the
     previous maintainer and me (upstream maintainer).
   * Menu transition.
   * Several lintian fixes.
   * Remove debian manual page, is now provided upstream.
   * Remove README from the docs, it is provided upstream in /usr/share/gpsk31
     and also available through the Help menu.
Files: 
 78656743d4bba52885f03f4045e1469d 669 hamradio optional gpsk31_0.3.2-1.dsc
 358634716bf458fa5e6730af85081036 165318 hamradio optional 
gpsk31_0.3.2.orig.tar.gz
 cd6bd0418a776550a640d8bf3a53fde8 17992 hamradio optional gpsk31_0.3.2-1.diff.gz
 0543bc44e90e6eee89b987f538588ac7 51878 hamradio optional 
gpsk31_0.3.2-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHw9Su/CqtjGLxpX8RAovFAKCCN5Iq1Xuxozoq2xctgS6logWk9ACgnoIn
w/8wby3cLRDFuY7njInppSU=
=KWx0
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to