First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 156573
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
overflow.patch Proposed patch, based on the gv patch. for version 0.6.1 patch Stefan Cornelius (RETIRED) 2006-11-29 03:33 0000 703 bytes Details | Diff
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 156573 depends on: Show dependency tree
Show dependency graph
Bug 156573 blocks:

Additional Comments: (this is where you put emerge --info)







View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-11-28 21:57 0000 
Seems like evince is affected by GLSA 200611-20. Any other packages bundling
gv?

------- Comment #1 From Stefan Cornelius (RETIRED) 2006-11-29 03:31:59 0000 ------- 
confirmed that it is possible to overwrite the EIP. I'll attach a patch that
fixed the problem for me. somebody should doubletest, just to make sure that i
didnt mess up.there is another app called "ggv" that might bundle gv code, but
not checked yet.

------- Comment #2 From Stefan Cornelius (RETIRED) 2006-11-29 03:33:44 0000 ------- 
Created an attachment (id=102972) [edit]
Proposed patch, based on the gv patch. for version 0.6.1

------- Comment #3 From Stefan Cornelius (RETIRED) 2006-12-01 01:35:16 0000 ------- 
upstream patch:

http://cvs.gnome.org/viewcvs/evince/ps/ps.c?r1=1.6&r2=1.6.6.1&makepatch=1&diff_format=h

------- Comment #4 From Sune Kloppenborg Jeppesen 2007-03-25 10:56:36 0000 ------- 
Gnome please advise.

------- Comment #5 From Daniel Gryniewicz 2007-03-26 19:58:08 0000 ------- 
Okay, I've added 0.6.1-rc3 to the tree with this fix.

Arches:  Literally the only change was to the postscript backend.  You should
only need to test .ps files.

------- Comment #6 From Sune Kloppenborg Jeppesen 2007-03-27 06:31:08 0000 ------- 
Thx Daniel.

Arches please test and mark stable. Target keywords are:

evince-0.6.1-r3.ebuild:KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86"

------- Comment #7 From Christian Faulhammer 2007-03-27 07:01:07 0000 ------- 
x86 stable

------- Comment #8 From Gustavo Zacarias (RETIRED) 2007-03-27 13:49:29 0000 ------- 
sparc stable.

------- Comment #9 From Jeroen Roovers 2007-03-27 14:43:11 0000 ------- 
Stable for HPPA.

------- Comment #10 From Chris Gianelloni (RETIRED) 2007-03-27 18:39:10 0000 ------- 
alpha/amd64/ia64 done

------- Comment #11 From Tobias Scherbaum 2007-03-27 19:07:33 0000 ------- 
ppc stable

------- Comment #12 From Markus Rothe 2007-03-29 14:45:31 0000 ------- 
ppc64 stable

------- Comment #13 From Raphael Marichez 2007-04-06 23:22:19 0000 ------- 
GLSA 200704-06, thanks to everybody
First Last Prev Next    No search results available      Search page      Enter new bug