Your message dated Sun, 27 Jul 2008 14:02:08 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#457764: fixed in xemacs21 21.4.21-4
has caused the Debian Bug report #457764,
regarding xemacs21: CVE-2007-6109 buffer overflow via a large precision value in an integer format string
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)

-- 
457764: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457764
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: xemacs21
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xemacs21.

CVE-2007-6109[0]:
| Stack-based buffer overflow in emacs allows user-assisted attackers to
| cause a denial of service (application crash) and possibly have
| unspecified other impact via a large precision value in an integer
| format string specifier to the format function, as demonstrated via a
| certain "emacs -batch -eval" command line.

We believed at first that xemacs21 is unaffected by this, but it turned
out (thanks to Florian) that it actually is, but at a different place:

src/doprnt.c:

      /* Mostly reconstruct the spec and use sprintf() to format
         the string. */
      *p++ = '%';
      if (spec->plus_flag)   *p++ = '+';
      if (spec->space_flag)  *p++ = ' ';
      if (spec->number_flag) *p++ = '#';
      if (spec->minus_flag)  *p++ = '-';
      if (spec->zero_flag)   *p++ = '0';

      if (spec->minwidth >= 0)
        p = long_to_string (p, spec->minwidth);
      if (spec->precision >= 0)
        {
          *p++ = '.';
          p = long_to_string (p, spec->precision);
        }

      if (strchr (double_converters, ch))
        {
          *p++ = ch;
          *p++ = '\0';
          sprintf (text_to_print, constructed_spec, arg.d);
        }
      else
        {
          *p++ = 'l';   /* Always use longs with sprintf() */
          *p++ = ch;
          *p++ = '\0';

          if (strchr (unsigned_int_converters, ch))
            sprintf (text_to_print, constructed_spec, arg.ul);
          else
            sprintf (text_to_print, constructed_spec, arg.l);
        }

If you fix this vulnerability please also include the CVE id
in your changelog entry.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6109

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
--- End Message ---
--- Begin Message ---
Source: xemacs21
Source-Version: 21.4.21-4

We believe that the bug you reported is fixed in the latest version of
xemacs21, which is due to be installed in the Debian FTP archive:

xemacs21-bin_21.4.21-4_i386.deb
  to pool/main/x/xemacs21/xemacs21-bin_21.4.21-4_i386.deb
xemacs21-gnome-mule-canna-wnn_21.4.21-4_i386.deb
  to pool/main/x/xemacs21/xemacs21-gnome-mule-canna-wnn_21.4.21-4_i386.deb
xemacs21-gnome-mule_21.4.21-4_i386.deb
  to pool/main/x/xemacs21/xemacs21-gnome-mule_21.4.21-4_i386.deb
xemacs21-gnome-nomule_21.4.21-4_i386.deb
  to pool/main/x/xemacs21/xemacs21-gnome-nomule_21.4.21-4_i386.deb
xemacs21-mule-canna-wnn_21.4.21-4_i386.deb
  to pool/main/x/xemacs21/xemacs21-mule-canna-wnn_21.4.21-4_i386.deb
xemacs21-mule_21.4.21-4_i386.deb
  to pool/main/x/xemacs21/xemacs21-mule_21.4.21-4_i386.deb
xemacs21-nomule_21.4.21-4_i386.deb
  to pool/main/x/xemacs21/xemacs21-nomule_21.4.21-4_i386.deb
xemacs21-support_21.4.21-4_all.deb
  to pool/main/x/xemacs21/xemacs21-support_21.4.21-4_all.deb
xemacs21-supportel_21.4.21-4_all.deb
  to pool/main/x/xemacs21/xemacs21-supportel_21.4.21-4_all.deb
xemacs21_21.4.21-4.diff.gz
  to pool/main/x/xemacs21/xemacs21_21.4.21-4.diff.gz
xemacs21_21.4.21-4.dsc
  to pool/main/x/xemacs21/xemacs21_21.4.21-4.dsc
xemacs21_21.4.21-4_all.deb
  to pool/main/x/xemacs21/xemacs21_21.4.21-4_all.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
OHURA Makoto <[EMAIL PROTECTED]> (supplier of updated xemacs21 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 27 Jul 2008 17:42:21 +0900
Source: xemacs21
Binary: xemacs21 xemacs21-mule xemacs21-nomule xemacs21-mule-canna-wnn xemacs21-bin xemacs21-support xemacs21-supportel xemacs21-gnome-mule xemacs21-gnome-nomule xemacs21-gnome-mule-canna-wnn
Architecture: source all i386
Version: 21.4.21-4
Distribution: unstable
Urgency: high
Maintainer: OHURA Makoto <[EMAIL PROTECTED]>
Changed-By: OHURA Makoto <[EMAIL PROTECTED]>
Description: 
 xemacs21   - highly customizable text editor
 xemacs21-bin - highly customizable text editor -- support binaries
 xemacs21-gnome-mule - highly customizable text editor -- Mule binary
 xemacs21-gnome-mule-canna-wnn - highly customizable text editor -- Mule binary compiled with Cann
 xemacs21-gnome-nomule - highly customizable text editor -- Non-mule binary
 xemacs21-mule - highly customizable text editor -- Mule binary
 xemacs21-mule-canna-wnn - highly customizable text editor -- Mule binary compiled with Cann
 xemacs21-nomule - highly customizable text editor -- Non-mule binary
 xemacs21-support - highly customizable text editor -- architecture independent suppo
 xemacs21-supportel - highly customizable text editor -- non-required library files
Closes: 457764 476613
Changes: 
 xemacs21 (21.4.21-4) unstable; urgency=high
 .
   * Set urgency to high to fix RC bugs.
   * debian/patches/10_doprnt_use_malloc.dpatch: New patch.
     - Use malloc(3) instead of alloca(3). (CVE-2007-6109) (Closes: #457764)
   * debian/patches/10_vcdiff_use_mktemp.dpatch: New patch.
     - Fix insecure usage of temporary files. (CVE-2008-1694) (Closes: #476613)
   * debian/rules: Add -Wall and -O2 to CFLAGS.
   * debian/control.in:
     - Update Standards-Version.
     - Remove Build-dependency on x-dev.
     - Add Build-dependency on autotools-dev.
   * debian/PackagesMakefile.in: Sync with newer config.sub and config.guess.
Checksums-Sha1: 
 2a2a9c7e42fbfb8d3874ab5d824e25b22e4f6b3c 1566 xemacs21_21.4.21-4.dsc
 3806f74a807df1577a4a408cb9c96e0acc2b89e2 50897 xemacs21_21.4.21-4.diff.gz
 a8b12bbba3295d1495e0a7c819c0d894a6061878 15102 xemacs21_21.4.21-4_all.deb
 bae97524f34e68ee2b12324e171a789c02d39fd4 1314698 xemacs21-supportel_21.4.21-4_all.deb
 2abfa1ed3970b15b298e13978123fbd401612354 4583446 xemacs21-support_21.4.21-4_all.deb
 50809f85f06764cbbb8e955214a1784ac5eaaf21 1822126 xemacs21-nomule_21.4.21-4_i386.deb
 2918576f0c62d36ea797d0ed015bfca0263a3782 2026980 xemacs21-mule_21.4.21-4_i386.deb
 70dfa2a1574516bc5d3482881aa087cc6db46a9f 2121844 xemacs21-mule-canna-wnn_21.4.21-4_i386.deb
 2a1a548fa5a044f9c07fc3cafc14f523829fe111 1880284 xemacs21-gnome-nomule_21.4.21-4_i386.deb
 f7abb101268febaa06bb918ce8e231b0b027355f 2076764 xemacs21-gnome-mule_21.4.21-4_i386.deb
 5f6cf30c72a14a36dba9bc8592823a7ca20e7812 2169120 xemacs21-gnome-mule-canna-wnn_21.4.21-4_i386.deb
 fdfa18c987b86ea6e8f42f348086369fe2ec3ff4 503244 xemacs21-bin_21.4.21-4_i386.deb
Checksums-Sha256: 
 7addeb2f6e44b0de542ff1a3e08991c91d6c6a1b6ed04661b7f910902d3681f9 1566 xemacs21_21.4.21-4.dsc
 629df59f50933e5bf041612cb2c07a172b6960306af7d436474311ef91df97f8 50897 xemacs21_21.4.21-4.diff.gz
 69f24f434967411568c26a7b3e8c86879825b3252c3e6102842d1aa84a0dd214 15102 xemacs21_21.4.21-4_all.deb
 dafeac9a3dc480b0c5e7360c3b507654bdbf7c1761b26a281f19190edc2091b4 1314698 xemacs21-supportel_21.4.21-4_all.deb
 04ba966deac1704b2375bd523aba5d7d649356d1938bd33e857dfdeafbfcc377 4583446 xemacs21-support_21.4.21-4_all.deb
 07fed7a970f73357ed89cf698cef684c86cbfe6855892d3a0f043953c29146e7 1822126 xemacs21-nomule_21.4.21-4_i386.deb
 bc6c082ab755f9d9837d20abcaab2a0dd5aa04ac9a685789a2745e76979caaad 2026980 xemacs21-mule_21.4.21-4_i386.deb
 4aba9eb33277955def2a690e6b0da34dc7372deb40af002b0ae8f2ac7ac168c7 2121844 xemacs21-mule-canna-wnn_21.4.21-4_i386.deb
 4fe46f2f4dd4d4f4362ab8161ef2771aeb4140822098e54ee9310609d5f28ac6 1880284 xemacs21-gnome-nomule_21.4.21-4_i386.deb
 cf362f9267a926ac03d850ffdf258544fbbbc56ab4eeacda8e9f413f476468d1 2076764 xemacs21-gnome-mule_21.4.21-4_i386.deb
 a8c87f0001663ea36c5f71b54af4ecdcad0f957358d85613f726ac7d67bb8101 2169120 xemacs21-gnome-mule-canna-wnn_21.4.21-4_i386.deb
 d0e14e1075363725d78c1a012e6d248f3b261c9c610984dd8e0d9f08e9a52403 503244 xemacs21-bin_21.4.21-4_i386.deb
Files: 
 28641d5cddc6f95537a26f53496eb0a1 1566 editors optional xemacs21_21.4.21-4.dsc
 52746a739a717b54a8d8bfbbe7c191f6 50897 editors optional xemacs21_21.4.21-4.diff.gz
 4c04a1d89fb77f8511b6aaabd50fd432 15102 editors optional xemacs21_21.4.21-4_all.deb
 1e93e49a675a4caecea23bc33319bf95 1314698 editors optional xemacs21-supportel_21.4.21-4_all.deb
 f57869404dadac411efc5353e5d8f5c7 4583446 editors optional xemacs21-support_21.4.21-4_all.deb
 3809365b066cfdf7685dffdb743a45b6 1822126 editors optional xemacs21-nomule_21.4.21-4_i386.deb
 043983b427c1f5abf7a04fc0a213ebbc 2026980 editors optional xemacs21-mule_21.4.21-4_i386.deb
 e5c99465f6c8f100accdfb0abfa10650 2121844 editors optional xemacs21-mule-canna-wnn_21.4.21-4_i386.deb
 c322deb88cecef196cbf496e519ae294 1880284 gnome optional xemacs21-gnome-nomule_21.4.21-4_i386.deb
 c5fc027c2c8b564fb33e671c1bb937e4 2076764 gnome optional xemacs21-gnome-mule_21.4.21-4_i386.deb
 57dac6c6b62e65a65bd308b9c92465f6 2169120 gnome optional xemacs21-gnome-mule-canna-wnn_21.4.21-4_i386.deb
 64ab3d4bb057ffbb1ae477b463f0a414 503244 editors optional xemacs21-bin_21.4.21-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIjHoa7qLvonfc4IMRAvGJAKDXmigWdSwPs+6RBI8lNomJquSv8QCfTX2r
6IuAhjDcx3SnJaEDUdzPoRE=
=Ly54
-----END PGP SIGNATURE-----
--- End Message ---
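The pattern the bug report points at in src/doprnt.c (a printf spec rebuilt from caller-controlled width and precision, then sprintf'd into text_to_print) and the direction of the fix named in the changelog (malloc(3) instead of alloca(3)) side by side, as an added self-contained C example. This is not XEmacs code and not the Debian patch: the field names follow the snippet, but the struct layout, the "32 + width + precision" sizing of text_to_print, the MAX_FIELD cap, the use of a C99 VLA as a stand-in for alloca(3), and every function name here are this example's assumptions.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for the printf_spec fields the doprnt.c snippet reads. The field
 * names follow the snippet; the struct itself is this example's assumption. */
struct printf_spec {
    int plus_flag, space_flag, number_flag, minus_flag, zero_flag;
    long minwidth;   /* < 0: no width given */
    long precision;  /* < 0: no precision given */
};

/* Upper bound on width/precision the hardened path honours (assumed value). */
#define MAX_FIELD 4096L

/* Rebuild "%[flags][width][.precision]l<ch>" as the snippet does, but into a
 * bounded buffer. Returns 0 on success, -1 if the buffer is too small. */
static int build_spec(char *buf, size_t buflen,
                      const struct printf_spec *spec, char ch)
{
    /* '%' + 5 flags + 20-digit width + '.' + 20-digit precision + 'l' + ch + NUL */
    if (buflen < 64)
        return -1;
    size_t n = 0;
    buf[n++] = '%';
    if (spec->plus_flag)   buf[n++] = '+';
    if (spec->space_flag)  buf[n++] = ' ';
    if (spec->number_flag) buf[n++] = '#';
    if (spec->minus_flag)  buf[n++] = '-';
    if (spec->zero_flag)   buf[n++] = '0';
    if (spec->minwidth >= 0)
        n += (size_t)snprintf(buf + n, buflen - n, "%ld", spec->minwidth);
    if (spec->precision >= 0)
        n += (size_t)snprintf(buf + n, buflen - n, ".%ld", spec->precision);
    buf[n++] = 'l';   /* always use longs with sprintf(), as in the snippet */
    buf[n++] = ch;
    buf[n] = '\0';
    return 0;
}

/* Signed vs. unsigned dispatch, like the snippet's unsigned_int_converters test. */
static int fmt_long(char *dst, size_t dstlen, const char *fmt, char ch, long value)
{
    if (strchr("ouxX", ch))
        return snprintf(dst, dstlen, fmt, (unsigned long)value);
    return snprintf(dst, dstlen, fmt, value);
}

/* VULNERABLE SHAPE. text_to_print is sized from caller-controlled width and
 * precision and lives on the stack (a VLA stands in for alloca(3)). A precision
 * of 2000000000 asks for ~2 GB of stack: the frame leaves the stack mapping and
 * the process faults, the crash CVE-2007-6109 describes. Small values only. */
static void format_long_stack(const struct printf_spec *spec, char ch, long value,
                              char *out, size_t outlen)
{
    char constructed_spec[64];
    build_spec(constructed_spec, sizeof constructed_spec, spec, ch);
    size_t need = 32 + (spec->minwidth > 0 ? (size_t)spec->minwidth : 0)
                     + (spec->precision > 0 ? (size_t)spec->precision : 0);
    char text_to_print[need];                 /* attacker-chosen stack allocation */
    fmt_long(text_to_print, need, constructed_spec, ch, value);
    snprintf(out, outlen, "%s", text_to_print);
}

/* HARDENED SHAPE, in the direction of the Debian patch (heap, not stack), plus
 * a cap on width/precision and an exact size from snprintf(NULL, 0, ...) before
 * the single malloc(3). Returns a malloc'd string the caller frees, or NULL. */
static char *format_long_heap(const struct printf_spec *spec, char ch, long value)
{
    /* ch == '\0' would match strchr()'s terminator, so test it explicitly. */
    if (ch == '\0' || !strchr("diouxX", ch))
        return NULL;
    if (spec->minwidth > MAX_FIELD || spec->precision > MAX_FIELD)
        return NULL;
    char constructed_spec[64];
    if (build_spec(constructed_spec, sizeof constructed_spec, spec, ch) != 0)
        return NULL;
    int need = fmt_long(NULL, 0, constructed_spec, ch, value);
    if (need < 0)
        return NULL;
    char *text_to_print = malloc((size_t)need + 1);
    if (text_to_print == NULL)
        return NULL;   /* out of memory is an error, not a smashed stack */
    fmt_long(text_to_print, (size_t)need + 1, constructed_spec, ch, value);
    return text_to_print;
}

int main(void)
{
    struct printf_spec ok   = { 1, 0, 0, 0, 0, 12, 5 };            /* "%+12.5ld" */
    struct printf_spec huge = { 0, 0, 0, 0, 0, -1, 2000000000L };  /* "%.2000000000ld" */
    char buf[64];
    format_long_stack(&ok, 'd', 42, buf, sizeof buf);
    printf("stack: [%s]\n", buf);
    char *s = format_long_heap(&ok, 'd', 42);
    printf("heap : [%s]\n", s ? s : "(refused)");
    free(s);
    s = format_long_heap(&huge, 'd', 42);      /* refused instead of crashing */
    printf("huge : %s\n", s ? s : "(refused)");
    free(s);
    return 0;
}
```

Moving the buffer to the heap is what the Debian patch does and is enough to turn the stack fault into a malloc(3) failure that the caller can handle; the cap is the extra check a reviewer would ask for, since a 2 GB heap allocation for a single integer is still a denial of service in a long-lived editor process.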

