Your message dated Tue, 21 Feb 2006 07:17:10 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#213957: fixed in xshisen 1.51-1-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: xshisen
Version: 1.51-1
Severity: normal
Tags: security sid patch



About
-----

  xshisen is a puzzle game for X11 similar to the Sang-hai game.

  The main binary xshisen is installed setgid(games) within both
 the Debian Unstable, and the Debian Testing distributions.

 
Problems
--------

  This code suffers from two problems relating to lack of bounds
 testing of user supplied data.

  The first problem is the handling of the command line flag "-KCONV",
 the second is the inappropriate handling of the 'XSHISENLIB' 
 environmental variable.

  Either of these vulnerabilities can be used to gain gid(games)
 priviledges.

  Sample exploits are available.

 
Fix
---

  The supplied diff should close both these holes.


Steve
--
# Debian Security Audit
http://www.steve.org.uk/

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux steve 2.4.19-686 #1 Mon Nov 18 23:59:03 EST 2002 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages xshisen depends on:
ii  libc6                      2.3.2-8       GNU C Library: Shared libraries an
ii  libgcc1                    1:3.3.2-0pre4 GCC support library
ii  libstdc++5                 1:3.3.2-0pre4 The GNU Standard C++ Library v3
ii  libxaw7                    4.2.1-11      X Athena widget set library
ii  xlibs                      4.2.1-11      X Window System client libraries

-- no debconf information



--- main.C-orig 2003-09-29 14:08:08.000000000 +0100
+++ main.C      2003-09-29 14:38:20.000000000 +0100
@@ -210,7 +210,7 @@
     char buffer[100], *p;
     char *(*codeconv)(const char*);
 
-    strcpy(buffer, operation);
+    strncpy(buffer, operation,sizeof(buffer)-1);
     if (strchr(buffer, '-') == NULL) {
         strcat(buffer, "-" KANJICODE);
     }
--- readxpm.C-orig      2003-09-29 14:37:38.000000000 +0100
+++ readxpm.C   2003-09-29 14:37:51.000000000 +0100
@@ -12,7 +12,7 @@
   char buffer[1024];
 
   for(int i=0; i<PKIND; i++) {
-    sprintf(buffer, "%s/%s/%s.xpm", directory, subdir, files[i]);
+    snprintf(buffer,sizeof(buffer)-1, "%s/%s/%s.xpm", directory, subdir, 
files[i]);
     Mp[i].ReadFile(w, buffer, i, globRes.colorCloseness);
   }
 }



--- End Message ---
--- Begin Message ---
Source: xshisen
Source-Version: 1.51-1-2

We believe that the bug you reported is fixed in the latest version of
xshisen, which is due to be installed in the Debian FTP archive:

xshisen_1.51-1-2.diff.gz
  to pool/main/x/xshisen/xshisen_1.51-1-2.diff.gz
xshisen_1.51-1-2.dsc
  to pool/main/x/xshisen/xshisen_1.51-1-2.dsc
xshisen_1.51-1-2_i386.deb
  to pool/main/x/xshisen/xshisen_1.51-1-2_i386.deb
xshisen_1.51-1.orig.tar.gz
  to pool/main/x/xshisen/xshisen_1.51-1.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Zak B. Elep <[EMAIL PROTECTED]> (supplier of updated xshisen package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 21 Feb 2006 22:35:26 +0800
Source: xshisen
Binary: xshisen
Architecture: source i386
Version: 1.51-1-2
Distribution: unstable
Urgency: high
Maintainer: Zak B. Elep <[EMAIL PROTECTED]>
Changed-By: Zak B. Elep <[EMAIL PROTECTED]>
Description: 
 xshisen    - Shisen-sho puzzle game for X11
Closes: 213957 289784 291279 291613 292065 346854
Changes: 
 xshisen (1.51-1-2) unstable; urgency=low
 .
   * New maintainer (as agreed with former maintainer; see
     http://lists.debian.org/debian-devel/2006/02/msg00007.html)
   * Fix strange source packaging problem (Closes: #291279)
   * debian/control:
     - Changed build system to CDBS + debhelper.
     - Bump Standards-Version.
     - Bump debhelper Build-Depends to (>= 5) ; updated compat too.
     - Slightly touch description; added homepage too.
   * debian/patches:
     - Added 10_oldfixes.patch .  Must sort the various hunks out soon.
       Acknowledging NMUs .
     - Added 11_manpage_fixes.patch to properly format C and ja manpages.
     - Added 20_autotools_update.patch .
   * debian/rules:
     - Remove extra Japanese manpages as suggested by Nicolas François.
       Remove app-defaults for these extra locales too.
   * debian/menu:
     - Properly quote menu entry.
 .
 xshisen (1.51-1-1.3) unstable; urgency=low
 .
   * Non-maintainer upload to do xlibs-dev transition.
   * Update debian/control to not build-depend on xlibs-dev anymore. (Closes:
     #346854)
   * Fix Makefile.in to reflect GNU make behaviour change regarding line
     continuations and whitespace.
 .
 xshisen (1.51-1-1.2) unstable; urgency=HIGH
 .
   * NMU (at maintainer's request).
   * Add NO_GLOBAL_HIGHSCORE define which crudely disables the support for
     a global score file.
   * Remove sgid bit. Closes: #291613, #292065
   * Comment out code in postinst that set up /var/games/xshisen.scores,
     but for now, do not delete that file on upgrade.
   * Add README.Debian.
 .
 xshisen (1.51-1-1.1) unstable; urgency=HIGH
 .
   * NMU
   * Fix buffer overflow in handling of GECOS field (CAN-2005-0117)
     using patch from Ulf Harnhammar. Closes: #289784
 .
 xshisen (1.51-1-1) unstable; urgency=high
 .
   * Non-maintainer upload with consent from Grzegorz.
   * Fix a locally exploitable buffer overflow allowing GID(games).
     (Closes: #213957)
Files: 
 9bb81ea94342beafadfc0554cda517aa 660 games optional xshisen_1.51-1-2.dsc
 5f0ef1d7811401876de717fd6771fe47 85350 games optional 
xshisen_1.51-1.orig.tar.gz
 6f2400fcf46f8feecb2f25e2547e2951 79053 games optional xshisen_1.51-1-2.diff.gz
 51737af066b25119295ba5c8317ee375 61262 games optional xshisen_1.51-1-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD+yumlAuUx1tI/64RAgQpAJ4+6/S5G1rOUtHbGbu6d3/BoGL1ewCfdXuT
oXQMYfMT/5MqMDvqwd6rfHM=
=mJ0A
-----END PGP SIGNATURE-----


--- End Message ---

Reply via email to