156573 2006-11-28 21:57 0000 app-text/evince bundles vulnerable gv? 2007-04-06 23:22:19 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://www.securityfocus.com/archive/1/452868/30/0/ B2 [glsa] DerCorny P2 normal --- 1 jaervosz@gentoo.org security@gentoo.org gnome@gentoo.org jaervosz@gentoo.org 2006-11-28 21:57:08 0000 Seems like evince is affected by GLSA 200611-20. Any other packages bundling gv? dercorny@gentoo.org 2006-11-29 03:31:59 0000 confirmed that it is possible to overwrite the EIP. I'll attach a patch that fixed the problem for me. somebody should doubletest, just to make sure that i didnt mess up.there is another app called "ggv" that might bundle gv code, but not checked yet. dercorny@gentoo.org 2006-11-29 03:33:44 0000 Created an attachment (id=102972) Proposed patch, based on the gv patch. for version 0.6.1 dercorny@gentoo.org 2006-12-01 01:35:16 0000 upstream patch: http://cvs.gnome.org/viewcvs/evince/ps/ps.c?r1=1.6&r2=1.6.6.1&makepatch=1&diff_format=h jaervosz@gentoo.org 2007-03-25 10:56:36 0000 Gnome please advise. dang@gentoo.org 2007-03-26 19:58:08 0000 Okay, I've added 0.6.1-rc3 to the tree with this fix. Arches: Literally the only change was to the postscript backend. You should only need to test .ps files. jaervosz@gentoo.org 2007-03-27 06:31:08 0000 Thx Daniel. Arches please test and mark stable. Target keywords are: evince-0.6.1-r3.ebuild:KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86" fauli@gentoo.org 2007-03-27 07:01:07 0000 x86 stable gustavoz@gentoo.org 2007-03-27 13:49:29 0000 sparc stable. jer@gentoo.org 2007-03-27 14:43:11 0000 Stable for HPPA. wolf31o2@gentoo.org 2007-03-27 18:39:10 0000 alpha/amd64/ia64 done dertobi123@gentoo.org 2007-03-27 19:07:33 0000 ppc stable corsair@gentoo.org 2007-03-29 14:45:31 0000 ppc64 stable falco@gentoo.org 2007-04-06 23:22:19 0000 GLSA 200704-06, thanks to everybody 102972 2006-11-29 03:33 0000 Proposed patch, based on the gv patch. for version 0.6.1 overflow.patch text/plain LS0tIHBzX29yaWcuYwkyMDA2LTAxLTA3IDAwOjAzOjQ0LjAwMDAwMDAwMCArMDEwMAorKysgcHMu YwkyMDA2LTExLTI5IDEzOjE5OjM2LjAwMDAwMDAwMCArMDEwMApAQCAtMTIzMiw3ICsxMjMyLDkg QEAKICAgICBxdW90ZWQgPSAxOwogICAgIGxpbmUrKzsKICAgICB3aGlsZSgqbGluZSAmJiAhKCps aW5lID09ICcpJyAmJiBsZXZlbCA9PSAwKSkgewotICAgICAgaWYoKmxpbmUgPT0gJ1xcJykgewor CWlmIChjcCAtIHRleHQgPj0gUFNMSU5FTEVOR1RIIC0gMSkKKwkJYnJlYWs7CisJaWYoKmxpbmUg PT0gJ1xcJykgewogICAgICAgICBpZigqKGxpbmUgKyAxKSA9PSAnbicpIHsKICAgICAgICAgICAq Y3ArKyA9ICdcbic7CiAgICAgICAgICAgbGluZSArPSAyOwpAQCAtMTMwMiw4ICsxMzA0LDExIEBA CiAgICAgfQogICB9CiAgIGVsc2UgewotICAgIHdoaWxlKCpsaW5lICYmICEoKmxpbmUgPT0gJyAn IHx8ICpsaW5lID09ICdcdCcgfHwgKmxpbmUgPT0gJ1xuJykpCi0gICAgICAqY3ArKyA9ICpsaW5l Kys7CisgICAgd2hpbGUoKmxpbmUgJiYgISgqbGluZSA9PSAnICcgfHwgKmxpbmUgPT0gJ1x0JyB8 fCAqbGluZSA9PSAnXG4nKSkgeworCWlmIChjcCAtIHRleHQgPj0gUFNMSU5FTEVOR1RIIC0gMikK KwkJYnJlYWs7CisgICAgICAJKmNwKysgPSAqbGluZSsrOworCX0KICAgfQogICAqY3AgPSAnXDAn OwogICBpZihuZXh0X2NoYXIpCg==