Package: groff
Version: 1.23.0-10
Severity: normal
Tags: upstream, fixed-upstream

Hi Colin,

I can't figure out how to get reportbug(1) to report a bug to real Debian as opposed to the derivative I have installed on this machine, so I'm filing this report the old-fashioned way. If that still works, and I still remember how.

I committed a fix upstream today for a stack overflow problem in pic(1).

https://cgit.git.savannah.gnu.org/cgit/groff.git/commit/?id=d66fd2256f346010b975ced3f66efed473bfeb81

Here's the Savannah ticket, including the original report.

https://savannah.gnu.org/bugs/?67899

The bug affects all known released versions of groff. (It's ANCIENT.) You might want to cherry-pick it now that it's public.

I don't know if this is a security problem per se. pic(1) does not run as a privileged process. Can someone defeat pic's default "safer mode" via this means? I don't know. I welcome hearing from security experts about the severity of this problem.

Regards,
Branden

