Package: gv Version: 1:3.6.1-5 Severity: grave Justification: user security hole
gv does not handle filenames correctly. When trying to print a file with a space in it, I get: $ gv 24\ stundenprotokoll.ps Warning - Cannot open file '24', No such file or directory Warning - Cannot open file 'stundenprotokoll.ps', No such file or directory lp: nothing to print Warning - Cannot open file '/home/tsr/gv_42073222_1_24', No such file or directory Warning - Cannot open file 'stundenprotokoll.ps.tmp', No such file or directory lp: nothing to print $ The first message is from 'Print All' the second is a 'Print Marked'. Using specially crafted filenames it is also possible to launch arbitrary programs under the invoking user's id. This is a security risk. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.26 Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Versions of packages gv depends on: ii gs 8.01-5 Transitional package ii gs-gpl [gs] 8.01-5 The GPL Ghostscript PostScript int ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libice6 4.3.0.dfsg.1-10 Inter-Client Exchange library ii libsm6 4.3.0.dfsg.1-10 X Window System Session Management ii libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li ii libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte ii libxmu6 4.3.0.dfsg.1-10 X Window System miscellaneous util ii libxpm4 4.3.0.dfsg.1-10 X pixmap library ii libxt6 4.3.0.dfsg.1-10 X Toolkit Intrinsics ii xaw3dg 1.5+E-8 Xaw3d widget set ii xlibs 4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
