Bug#295259: marked as done (Buffer overflow and format string vulnerabilities)

[Debian Bug Tracking System]

Your message dated Thu, 24 Feb 2005 17:47:10 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#295259: fixed in mc 1:4.6.0-4.6.1-pre3-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 14 Feb 2005 19:09:37 +0000
>From [EMAIL PROTECTED] Mon Feb 14 11:09:37 2005
Return-path: <[EMAIL PROTECTED]>
Received: from host251-99.pool8252.interbusiness.it (mail.server) 
[82.52.99.251] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1D0lbE-0007dM-00; Mon, 14 Feb 2005 11:09:37 -0800
Received: by mail.server (Postfix, from userid 1000)
        id B1B08A10635; Mon, 14 Feb 2005 20:09:35 +0100 (CET)
Date: Mon, 14 Feb 2005 20:09:35 +0100
From: Gerardo Di Giacomo <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Buffer overflow and format string vulnerabilities
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 3.5ubuntu4
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: mc
Severity: normal

Some vulnerabilities found in old version of mc (stable package) are
present in unstable/testing distributions too.

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8.1-3-386
Locale: LANG=it_IT, LC_CTYPE=it_IT (charmap=ISO-8859-1)

*** mc.patch
diff -Nur mc-4.6.0-4.6.1-pre1.orig/src/utilunix.c 
mc-4.6.0-4.6.1-pre1/src/utilunix.c
--- mc-4.6.0-4.6.1-pre1.orig/src/utilunix.c     2005-02-14 12:23:54.358065160 
+0000
+++ mc-4.6.0-4.6.1-pre1/src/utilunix.c  2005-02-14 12:30:02.910036744 +0000
@@ -429,7 +429,7 @@
        close (2);
        dup (old_error);
        close (old_error);
-       len = read (error_pipe[0], msg, MAX_PIPE_SIZE);
+       len = read (error_pipe[0], msg, MAX_PIPE_SIZE -1 );
 
        if (len >= 0)
            msg[len] = 0;
diff -Nur mc-4.6.0-4.6.1-pre1.orig/vfs/fish.c mc-4.6.0-4.6.1-pre1/vfs/fish.c
--- mc-4.6.0-4.6.1-pre1.orig/vfs/fish.c 2005-02-14 12:23:54.504042968 +0000
+++ mc-4.6.0-4.6.1-pre1/vfs/fish.c      2005-02-14 12:27:39.723804360 +0000
@@ -232,7 +232,7 @@
        print_vfs_message (_("fish: Waiting for initial line..."));
        if (!vfs_s_get_line (me, SUP.sockr, answer, sizeof (answer), ':'))
            ERRNOR (E_PROTO, -1);
-       print_vfs_message (answer);
+       print_vfs_message ("%s", answer);
        if (strstr (answer, "assword")) {
 
            /* Currently, this does not work. ssh reads passwords from

---------------------------------------
Received: (at 295259-close) by bugs.debian.org; 24 Feb 2005 22:54:02 +0000
>From [EMAIL PROTECTED] Thu Feb 24 14:54:02 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1D4Rru-0001ca-00; Thu, 24 Feb 2005 14:54:02 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
        id 1D4RlG-0002Us-00; Thu, 24 Feb 2005 17:47:10 -0500
From: Ludovic Drolez <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#295259: fixed in mc 1:4.6.0-4.6.1-pre3-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Thu, 24 Feb 2005 17:47:10 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 
X-CrossAssassin-Score: 2

Source: mc
Source-Version: 1:4.6.0-4.6.1-pre3-1

We believe that the bug you reported is fixed in the latest version of
mc, which is due to be installed in the Debian FTP archive:

mc_4.6.0-4.6.1-pre3-1.diff.gz
  to pool/main/m/mc/mc_4.6.0-4.6.1-pre3-1.diff.gz
mc_4.6.0-4.6.1-pre3-1.dsc
  to pool/main/m/mc/mc_4.6.0-4.6.1-pre3-1.dsc
mc_4.6.0-4.6.1-pre3-1_i386.deb
  to pool/main/m/mc/mc_4.6.0-4.6.1-pre3-1_i386.deb
mc_4.6.0-4.6.1-pre3.orig.tar.gz
  to pool/main/m/mc/mc_4.6.0-4.6.1-pre3.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ludovic Drolez <[EMAIL PROTECTED]> (supplier of updated mc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 17 Feb 2005 22:45:32 +0100
Source: mc
Binary: mc
Architecture: source i386
Version: 1:4.6.0-4.6.1-pre3-1
Distribution: unstable
Urgency: high
Maintainer: Stefano Melchior <[EMAIL PROTECTED]>
Changed-By: Ludovic Drolez <[EMAIL PROTECTED]>
Description: 
 mc         - midnight commander - a powerful file manager
Closes: 92121 231071 241891 267596 282301 286395 295259 295261
Changes: 
 mc (1:4.6.0-4.6.1-pre3-1) unstable; urgency=high
 .
   * New maintainers: Stefano Melchior and Ludovic Drolez (closes: #282301).
   * Urgency set to high because of security bug fixes.
   * Missing quoting in ext2 and i18n fix.
   * Samba lib warning (netmask.c) fixed.
   * Security upload to handle DSA 639 (references: CAN-2004-1004,
     CAN-2004-1005, CAN-2004-1009, CAN-2004-1090, CAN-2004-1091, CAN-2004-1092,
     CAN-2004-1093, CAN-2004-1174, CAN-2004-1175, CAN-2004-1176),
     Fixed upstream in the pre3 release (Closes: #295261).
   * Pre3 release includes fix for CAN-2004-0226 (closes: #286395).
   * Fixed ftp filesystem impossibility to list dirs when password contains #
     (closes: #92121).
   * Fixed subshell impossibility to be started (closes: #241891).
   * Fixed CAN-2004-0494 (closes: #267596).
   * Fixed buffer overflow and format string vulnerabilities (closes: #295259).
   * Italian hotkey translation changed (closes: #231071).
   * New upstream pre-release.
Files: 
 c8e34240a29a723bc78bdd85463a26f3 691 utils optional mc_4.6.0-4.6.1-pre3-1.dsc
 2bea7e3250efa665d972229e755ac1e6 3900927 utils optional 
mc_4.6.0-4.6.1-pre3.orig.tar.gz
 8c8a3a55fdb76c3105a564e037f06022 25254 utils optional 
mc_4.6.0-4.6.1-pre3-1.diff.gz
 3a6752d5079f576910f291bd752960c8 2003694 utils optional 
mc_4.6.0-4.6.1-pre3-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCHlNlsRlQAP1GppgRAim8AJwJRGe3QLax1XUU1NmZ35R1TsN4PQCfY8k2
LZo2XB/RBba9ZXrH7kMF12M=
=WFw5
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]