First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 100245
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Jimi A. <folajimi@speakeasy.net>
Add CC:
CC:
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
pstotext_dsafer-1.diff Debian patch for this issue patch Stefan Cornelius (RETIRED) 2005-07-26 07:57 0000 668 bytes Details | Diff
safer.patch Patch for package patch Jan Jitse Venselaar 2005-07-27 07:06 0000 2.67 KB Details | Diff
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 100245 depends on: Show dependency tree
Bug 100245 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2005-07-25 09:06 0000 
Max Vozeler has reported a vulnerability in pstotext, which can be exploited by
malicious people to compromise a vulnerable system.

The vulnerability is caused due to pstotext not using the "-dSAFER" option when
calling GhostScript to extract plain-text from PostScript files. This
potentially allows malicious postscript code to execute arbitrary commands on
the system.

The vulnerability has been reported in version 1.9. Other versions may also be
affected.

Reproducible: Always
Steps to Reproduce:
1.
2.
3.




Solution:
Only use pstotext on trusted files.

------- Comment #1 From Jimi A. 2005-07-25 09:09:24 0000 ------- 
http://secunia.com/advisories/16183/

------- Comment #2 From Stefan Cornelius (RETIRED) 2005-07-25 09:55:27 0000 ------- 
Ok, there is no active maintainer so i CC'ed the ones from the changelog and
maintainer-needed. If there is no volunteer to get this done, we might have to
mask or remove this package.

------- Comment #3 From Stefan Cornelius (RETIRED) 2005-07-26 07:57:54 0000 ------- 
Created an attachment (id=64353) [edit]
Debian patch for this issue

This is a patch for this issue taken from the debian bug. Still nobody wants to
do this?

------- Comment #4 From Jan Jitse Venselaar 2005-07-27 07:06:34 0000 ------- 
Created an attachment (id=64443) [edit]
Patch for package

This patch updates the ebuild, so it cannot be easier. Still needs a ChangeLog
entry and a GnuPG signature, but I'm not a developer, so I cannot do that.

------- Comment #5 From solar 2005-07-27 09:41:18 0000 ------- 
pstotext-1.8g-r1 is in the tree with the deb patch. 
KEYWORDS= ~amd64 ~x86 ~ppc ~sparc ~ppc64

------- Comment #6 From Stefan Cornelius (RETIRED) 2005-07-27 10:48:06 0000 ------- 
Thanks a lot for the help bumping!
Arches, please test pstotext-1.8g-r1 and mark stable, also thanks.

------- Comment #7 From Jory A. Pratt 2005-07-27 10:56:18 0000 ------- 
Stable on PPC

------- Comment #8 From Markus Rothe 2005-07-27 13:10:27 0000 ------- 
stable on ppc64

------- Comment #9 From Gustavo Zacarias (RETIRED) 2005-07-27 13:11:43 0000 ------- 
sparc stable.

------- Comment #10 From solar 2005-07-30 11:19:30 0000 ------- 
Passes local regression testing.
I processed 236 .ps files without error, and confirmed it now uses -dSAFER when
calling gs.

stable on x86.

It appears to to not free a small chunk of memory before exiting and could 
probably use a wee bit of Makefile and gcc syntax loving at a later time.

amd64 never appears to of had it marked stable. This would be a good time to go
ahead and do it.

------- Comment #11 From Thierry Carrez (RETIRED) 2005-07-30 11:49:32 0000 ------- 
About amd64 testing: sure it's a good time to mark stable, but it shouldn't
block GLSA release.

Ready for GLSA

------- Comment #12 From Stefan Cornelius (RETIRED) 2005-07-31 10:37:41 0000 ------- 
GLSA 200507-29. Thanks to everybody involved.
First Last Prev Next    No search results available      Search page      Enter new bug