Bug#439927: t1lib security flaw: CVE-2007-4033/#439927

2007-09-28 Thread Ionut Georgescu 
On Thu, 2007-09-27 at 20:12 +0200, Torsten Werner wrote:
 On 9/17/07, Torsten Werner [EMAIL PROTECTED] wrote:
  On 9/16/07, Artur R. Czechowski [EMAIL PROTECTED] wrote:
   The t1lib 5.1.0 available in Debian (either etch as lenny and sid[1]) is
   vulnerable to CVE-2007-4033 security flaw.
 
  I have uploaded a new package to unstable that can be easily
  backported to etch/lenny. I am attaching the output of debdiff.
 
 Do you plan to update the package through security.debian.org?
 
 Cheers,
 Torsten
 

Hi Torsten,

I think one should, because php depends on it. It would be nice if any
of you could do that at the moment. My laptop kissed me goodbye a few
weeks ago together with all my work. I could do it from work, but there
I hardly have any time to breathe.

Thanks a lot,
Ionut


-- 
***
* Ionuţ Georgescu
* Max-Planck-Institut für Physik komplexer Systeme
* Noethnitzer Str. 38, D-01187 Dresden
* Phone: +49 (351) 871-2209
* Fax:   +49 (351) 871-1999

Bug#439927: t1lib security flaw: CVE-2007-4033/#439927

2007-09-27 Thread Torsten Werner 
On 9/17/07, Torsten Werner [EMAIL PROTECTED] wrote:
 On 9/16/07, Artur R. Czechowski [EMAIL PROTECTED] wrote:
  The t1lib 5.1.0 available in Debian (either etch as lenny and sid[1]) is
  vulnerable to CVE-2007-4033 security flaw.

 I have uploaded a new package to unstable that can be easily
 backported to etch/lenny. I am attaching the output of debdiff.

Do you plan to update the package through security.debian.org?

Cheers,
Torsten


-- 
blog: http://twerner.blogspot.com/
homepage: http://www.twerner42.de/



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#439927: t1lib security flaw: CVE-2007-4033/#439927

2007-09-17 Thread Torsten Werner 
Hi,

On 9/16/07, Artur R. Czechowski [EMAIL PROTECTED] wrote:
 The t1lib 5.1.0 available in Debian (either etch as lenny and sid[1]) is
 vulnerable to CVE-2007-4033 security flaw.

I have uploaded a new package to unstable that can be easily
backported to etch/lenny. I am attaching the output of debdiff.


Cheers,
Torsten


-- 
blog: http://twerner.blogspot.com/
homepage: http://www.twerner42.de/


debdiff
Description: Binary data

Bug#439927: t1lib security flaw: CVE-2007-4033/#439927

2007-09-16 Thread Artur R. Czechowski 
forwarded 439927 [EMAIL PROTECTED]
tag 439927 patch confirmed upstream
severity 439927 serious
found 439927 5.1.0-2
thanks

Hi,
The t1lib 5.1.0 available in Debian (either etch as lenny and sid[1]) is
vulnerable to CVE-2007-4033 security flaw.
Upstream version 5.1.1 is vulnerable too. Upstream has been informed
about the issue.

I attached a patch solving the issue.

Best regards
Artur

[1] sarge probably too, I didn't check it.
-- 
Po co mamy ze sobą rozmawiać, skoro tak łatwo się komunikować?
/Jean Baudrillard/
--- t1env.c.orig	2007-09-16 19:56:38.319184208 +0200
+++ t1env.c	2007-09-16 20:05:02.057070439 +0200
@@ -611,6 +611,12 @@
 #endif 
 strcat( pathbuf, DIRECTORY_SEP);
 /* And finally the filename: */
+/* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf
+   let's try next pathbuf */
+if( strlen(pathbuf) + strlen(StrippedName) + 1  sizeof(pathbuf) ) {
+	i++;
+	continue;
+}
 strcat( pathbuf, StrippedName);
 
 /* Check for existence of the path: */


signature.asc
Description: Digital signature