Bug#691642: xterm: outputting the mc5 sequence (prtr_on / turn on printer) makes xterm crash

2012-10-28 Thread Nico Golde 
tags 691642 - security
thanks

Hi,
* Vincent Lefevre  [2012-10-28 13:32]:
> On 2012-10-28 11:37:58 +0100, Nico Golde wrote:
[...] 
> > > In addition to possible data loss due to the crash, this is a security
> > > problem, because the sequence may appear in a remote file.
> > 
> > Sorry, I couldn't parse this sentence. What exactly are the security 
> > implications? So far I don't see how this qualifies for a security bug.
> 
> If some external data (because they contain some unexpected byte
> sequence) make a local program crash (so that user data are lost),
> that's a security bug. Just like when you have a bug in the image
> decoder used by your web browser that makes it crash on some image
> files.

That was exactly my point, this is not treated as a security bug in Debian, 
but a regular bug.

Cheers
Nico


pgpDli3ful8MB.pgp
Description: PGP signature

Bug#691642: xterm: outputting the mc5 sequence (prtr_on / turn on printer) makes xterm crash

2012-10-28 Thread Nico Golde 
Hi,
* Vincent Lefevre  [2012-10-28 00:11]:
> When cat'ing some binary file, my xterm crashed. I've managed to find
> the cause: the mc5 terminfo sequence (prtr_on / turn on printer). The
> problem can be reproduced with:
> 
> 1. Run xterm from another terminal.
> 2. Run the following command:
>  printf "\033[5i"
>or
>  tput mc5
>The message "sh: 1: : Permission denied" appears in the first
>terminal.

I can't reproduce this with xterm 278-2 on amd64.
[...] 

> In addition to possible data loss due to the crash, this is a security
> problem, because the sequence may appear in a remote file.

Sorry, I couldn't parse this sentence. What exactly are the security 
implications? So far I don't see how this qualifies for a security bug.

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0


-- 
To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20121028103757.gx17...@ngolde.de

Re: [Secure-testing-team] xorg-server update for lenny

2008-01-19 Thread Nico Golde 
Hi Julien,
* Julien Cristau <[EMAIL PROTECTED]> [2008-01-19 13:07]:
> as xorg-server 1.4 isn't ready to migrate, and won't be for some more
> time, I prepared an updated package for testing-security.

Oh thanks, that's really nice.

> It fixes CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428,
> CVE-2007-6429 and CVE-2008-0006, and will be on its way to klecker in a
> few minutes.
> I'm travelling right now, so in case something comes up please contact
> [EMAIL PROTECTED]

Thank you! I am going to check & release this as soon as all 
buildds pushed their packages to klecker.
Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpzPajhHmH8L.pgp
Description: PGP signature

Re: xorg update in testing for CVE-2007-4730

2007-10-20 Thread Nico Golde 
Hi Julien,
* Julien Cristau <[EMAIL PROTECTED]> [2007-10-20 12:14]:
> On Sat, Oct 20, 2007 at 11:16:00 +0200, Nico Golde wrote:
> 
> > Hi X Strike Force,
> > The xorg version in testing is currently affected with the 
> > issue described in CVE-2007-4730[0].
> > 
> > For stable and unstable this has already been fixed.
> > However the package is unlikely migrating to testing because 
> > of new RC bugs in the BTS which prevents this.
> > 
> I've pushed this change to the debian-lenny branch of
> git://git.debian.org/~jcristau/xorg-server [0], and am starting a build
> right now.

Thanks very much for your efforts!
Please ping us then after uploading.

Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpHlomwNcAyy.pgp
Description: PGP signature

xorg update in testing for CVE-2007-4730

2007-10-20 Thread Nico Golde 
Hi X Strike Force,
The xorg version in testing is currently affected with the 
issue described in CVE-2007-4730[0].

For stable and unstable this has already been fixed.
However the package is unlikely migrating to testing because 
of new RC bugs in the BTS which prevents this.

Nonetheless it would be nice to have this fixed in testing 
too so the question is, would reuploading the unstable 
version to testing-security break setups or would this be a 
fairly unproblematic update?

If it is, can you reupload it to "testing-security"?
If yes, please see: http://secure-testing-master.debian.net/uploading.html
and contact [EMAIL PROTECTED] 
after uploading. If you don't have the time but the update 
should be without problems we can also prepare this for you.

Kind regards
Nico


-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgp1BfOf6zALp.pgp
Description: PGP signature

Bug#286502: missing ] in /etc/init.d/xfs

2004-12-21 Thread Nico Golde 
Hello Adam,

* Adam D. Barratt <[EMAIL PROTECTED]> [2004-12-20 23:25]:
> package xfs
> close 286502
> merge 286502 285133
> thanks
> 
> On Monday, December 20, 2004 2:10 PM, Nico Golde <[EMAIL PROTECTED]> wrote:
> 
> > Package: xfs
> > Version: 4.3.0.dfsg.1-9
> > Severity: normal
> > Tags: patch
> > hi,
> > there i a mistake in /etc/init.d/xfs:
> 
> In fact, your patch is exactly what was done in 4.3.0.dfsg.1-10, to close
> the
> previous report of this bug (#285133). Closing this report as the fixed
> packages are already in the archive.

oh sorry, i just made the upgrade of my system in this
evening. sorry.
kind regards
nico
-- 
Nico Golde - [EMAIL PROTECTED] | GPG: 1024D/73647CFF ,'"`.
[EMAIL PROTECTED] | http://www.ngolde.de   (  grml.org
VIM has two modes - the one in which it beeps`._,'   
and the one in which it doesn't -- encrypted mail preferred


signature.asc
Description: Digital signature

Bug#286502: missing ] in /etc/init.d/xfs

2004-12-20 Thread Nico Golde 
Package: xfs
Version: 4.3.0.dfsg.1-9
Severity: normal
Tags: patch
hi,
there i a mistake in /etc/init.d/xfs:
sudo /etc/init.d/xfs restart
Stopping X font server: xfs.
Setting up X font server socket directory /tmp/.font-unix.../etc/init.d/xfs: 
line 24: [: missing `]'
done.
Starting X font server: xfs.

i wrote a patch, it is in the attachment.
regards nico


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.9
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) (ignored: 
LC_ALL set to [EMAIL PROTECTED])

Versions of packages xfs depends on:
ii  libc6   2.3.2.ds1-19 GNU C Library: Shared libraries an
ii  zlib1g  1:1.2.2-4compression library - runtime

-- no debconf information

-- 
Nico Golde - [EMAIL PROTECTED] | GPG: 1024D/73647CFF ,'"`.
[EMAIL PROTECTED] | http://www.ngolde.de   (  grml.org
VIM has two modes - the one in which it beeps`._,'   
and the one in which it doesn't -- encrypted mail preferred
--- /etc/init.d/xfs 2004-12-20 15:07:57.0 +0100
+++ xfs.patch   2004-12-20 15:07:25.0 +0100
@@ -21,7 +21,7 @@
 
 set_up_socket_dir () {
   echo -n "Setting up X font server socket directory $SOCKET_DIR..."
-  if [ -e $SOCKET_DIR && ! [ -d $SOCKET_DIR ]; then
+  if [ -e $SOCKET_DIR ] && ! [ -d $SOCKET_DIR ]; then
 mv $SOCKET_DIR $SOCKET_DIR.$$
   fi
   mkdir -p $SOCKET_DIR


signature.asc
Description: Digital signature