Your message dated Sun, 05 May 2024 18:48:09 +0000
with message-id <[email protected]>
and subject line Bug#1069681: fixed in less 590-2.1~deb12u2
has caused the Debian Bug report #1069681,
regarding less does not escape special characters when outputting the filename
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1069681: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069681
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: less
Version: 590-2.1
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <[email protected]>
"less" does not escape special characters when outputting the
filename, either in the status line or in an error message.
With untrusted filenames (like in CVE-2024-32487), weird things
can happen in the terminal, which might be used for attacks.
For instance,
$ echo foo > test$'\033'\[\?40h$'\033'\[\?3h
$ less test$'\033'\[\?40h$'\033'\[\?3h
(in shells that understand the $'...' syntax, such as bash or zsh)
resizes the xterm window from 80 columns to 132 columns.
I can't reproduce this issue with the upstream version when the
file is viewable (the status line can be a bit incorrect, though);
I suppose that there was some fix in the recent past. When the
file is not viewable, same problem due to the error message. I've
reported the bug here:
https://github.com/gwsw/less/issues/503
-- System Information:
Debian Release: trixie/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500,
'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'),
(500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.6.15-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages less depends on:
ii libc6 2.37-18
ii libtinfo6 6.4+20240414-1
less recommends no packages.
less suggests no packages.
-- no debconf information
--
Vincent Lefèvre <[email protected]> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
--- End Message ---
--- Begin Message ---
Source: less
Source-Version: 590-2.1~deb12u2
Done: Salvatore Bonaccorso <[email protected]>
We believe that the bug you reported is fixed in the latest version of
less, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated less package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 02 May 2024 20:30:51 +0200
Source: less
Architecture: source
Version: 590-2.1~deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Milan Kupcevic <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 1064293 1068938 1069681
Changes:
less (590-2.1~deb12u2) bookworm-security; urgency=high
.
* Non-maintainer upload by the Security Team.
.
[ Milan Kupcevic ]
* Fix incorrect display when filename contains control chars
(Closes: #1069681)
.
less (590-2.1~deb12u1) bookworm-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Rebuild for bookworm-security
.
less (590-2.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Shell-quote filenames when invoking LESSCLOSE (CVE-2022-48624)
(Closes: #1064293)
* Fix bug when viewing a file whose name contains a newline (CVE-2024-32487)
(Closes: #1068938)
Checksums-Sha1:
683da794f9203c803fa4690c9fc643e05e6b20df 2228 less_590-2.1~deb12u2.dsc
6a6d4f2cbe18bce3db8dc9f4337c2b35f32c76f4 23852
less_590-2.1~deb12u2.debian.tar.xz
Checksums-Sha256:
1a4219f8ec9342851805089d9ee5ec7c0150287d5722ecc914c50790673ad9a6 2228
less_590-2.1~deb12u2.dsc
4a54c48a25cabb5408af6d7bc174cad96614e540b47d2b8962b3e13819fd9b30 23852
less_590-2.1~deb12u2.debian.tar.xz
Files:
7dc4c944e5b41d3004e4eaa7be2c2134 2228 text important less_590-2.1~deb12u2.dsc
2d60b4f47bdb42a8e75be462aa417d1c 23852 text important
less_590-2.1~deb12u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYz3JZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EWlIP/2noXgRJDkAvk7sxtArXPXg//lNiY/vu
eb4KDvjfCqa3Vmnk/TRf1+tXfo3pUM6CHr0JQmZQL4LwSdp61C45KnQwRXX1HWdK
RYqIoerrXp59TvXX65+oNPNh3DJlVbguOhvalg4g3+jc6K8CQAOZYVC2P4akpcbU
3/y2aEF+tdBgmq99H0uMo9KgY0pIQGaWcxYZQbf9LCOttw+iPGv+4uZxv/SKeuqg
nsJBiZw5Zuy9AjlTuTHwTOIgS6xsk7L1RlJ9b0vv/UaQUN05Qo/6k3XM65j6WwC+
3WGu3sIPo54ap26Pwjjf3dR19lGrZABh9IAdrgQlp0rm/pmI4G30+PVEy3dNInSL
QqkcW8oUA239xs/XzXeKACMreTCFFx+NhKN0UeJuru1awVZXEWp0BHoFn9HDfS5p
O+yPNFH4sT09JDAc2dFLzJRGOO+8TgRjJ01Ylcs2cCktNp4Tgzw1JzMHDAsJJEXg
QNg6ekYvlmpsqokAamBlXQTyET7GC/ur6TYuGVX6H6Rq3YJ6v/aLiC2RRijB3AiQ
vdt5tr3fRNAGKxiPfR6bEpSunYISjmgZPYRYcP+nsId8oMFsstfpJCRtGosyI/cj
lOHZuBmgxyikxYbxX5LxzDlCUWR9r51k93F3z/oQesrZbMIvCkZ+8QqPe56q1mI1
0krKZsOhjiTM
=Bqc3
-----END PGP SIGNATURE-----
pgptIaD4uaPSu.pgp
Description: PGP signature
--- End Message ---
