Summary: | app-text/evince bundles vulnerable gv?
---|---
Product: | Gentoo Security
Component: | Vulnerabilities
Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Assignee: | Gentoo Security <security>
Status: | RESOLVED FIXED
Severity: | normal
CC: | gnome
Priority: | High
Version: | unspecified
Hardware: | All
OS: | Linux
URL: | http://www.securityfocus.com/archive/1/452868/30/0/
Whiteboard: | B2 [glsa] DerCorny
Package list: |
Runtime testing required: | ---
Attachments: |

Description
Sune Kloppenborg Jeppesen (RETIRED)
2006-11-28 21:57:08 UTC
confirmed that it is possible to overwrite the EIP. I'll attach a patch that fixed the problem for me. Somebody should double-test, just to make sure that I didn't mess up. There is another app called "ggv" that might bundle gv code, but not checked yet.

Created attachment 102972
Proposed patch, based on the gv patch, for version 0.6.1

upstream patch: http://cvs.gnome.org/viewcvs/evince/ps/ps.c?r1=1.6&r2=1.6.6.1&makepatch=1&diff_format=h

Gnome please advise.

Okay, I've added 0.6.1-rc3 to the tree with this fix. Arches: Literally the only change was to the postscript backend. You should only need to test .ps files.

Thx Daniel. Arches please test and mark stable. Target keywords are:

evince-0.6.1-r3.ebuild:KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86"

x86 stable

sparc stable.

Stable for HPPA.

alpha/amd64/ia64 done

ppc stable

ppc64 stable

GLSA 200704-06, thanks to everybody