Debian Bug report logs - #278298
tetex-bin is affected by CAN-2004-0888

Package: tetex-bin; Maintainer for tetex-bin is (unknown);

Reported by: Adrian Bunk <bunk@stusta.de>

Date: Mon, 25 Oct 2004 23:18:01 UTC

Severity: grave

Tags: patch, sarge, security

Found in version 2.0.2-22

Fixed in version tetex-bin/2.0.2-23

Done: Joey Hess <joeyh@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Adrian Bunk <bunk@stusta.de>:
New Bug report received and forwarded. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Adrian Bunk <bunk@stusta.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 01:00:59 +0200
Package: tetex-bin
Version: 2.0.2-22
Severity: grave
Tags: security


pdftohtml might be affected by CAN-2004-0889
(integer overflow issues in xpdf).

The code is there, but I haven't checked how it's actually used.



Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Hilmar Preusse <hille42@web.de>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #10 received at 278298@bugs.debian.org (full text, mbox):

From: Hilmar Preusse <hille42@web.de>
To: Adrian Bunk <bunk@stusta.de>, 278298@bugs.debian.org
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 12:21:54 +0200
On 26.10.04 Adrian Bunk (bunk@stusta.de) wrote:

Hi,

> pdftohtml might be affected by CAN-2004-0889
> (integer overflow issues in xpdf).
> 
> The code is there, but I haven't checked how it's actually used.
> 
http://packages.debian.org/cgi-bin/search_contents.pl?searchmode=filelist&word=pdftohtml&version=unstable&arch=i386

Sure, you filed the bug against the right package?

H.
-- 
sigmentation fault



Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Adrian Bunk <bunk@stusta.de>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #15 received at 278298@bugs.debian.org (full text, mbox):

From: Adrian Bunk <bunk@stusta.de>
To: Hilmar Preusse <hille42@web.de>
Cc: 278298@bugs.debian.org
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 12:25:56 +0200
On Tue, Oct 26, 2004 at 12:21:54PM +0200, Hilmar Preusse wrote:
> On 26.10.04 Adrian Bunk (bunk@stusta.de) wrote:
> 
> Hi,

Hi Hilmar,

> > pdftohtml might be affected by CAN-2004-0889
> > (integer overflow issues in xpdf).
> > 
> > The code is there, but I haven't checked how it's actually used.
> > 
> http://packages.debian.org/cgi-bin/search_contents.pl?searchmode=filelist&word=pdftohtml&version=unstable&arch=i386
> 
> Sure, you filed the bug against the right package?

it's the right package, but the wrong text (I copied and edited the text 
from #278297, but it seems I forgot to change the package name).

> H.

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed




Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Frank Küster <frank@debian.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #20 received at 278298@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: Adrian Bunk <bunk@stusta.de>
Cc: 278298@bugs.debian.org, Hilmar Preusse <hille42@web.de>
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 14:11:20 +0200
Adrian Bunk <bunk@stusta.de> wrote:

>> > pdftohtml might be affected by CAN-2004-0889
>> > (integer overflow issues in xpdf).
>> > 
>> > The code is there, but I haven't checked how it's actually used.
[...]
> it's the right package, but the wrong text (I copied and edited the text 
> from #278297, but it seems I forgot to change the package name).

Yes, the code is in our tetex-bin tarball, and I think that it is
used. At least files from the libs/xpdf directory are mentioned e.g. in
texk/web2c/pdftexdir/depends.mak (and depends.mk).

4 c/cc files in texk/web2c/pdftexdir include gmem.h from
libs/xpdf/goo. There might be more. It affects both woody and
sarge/sid. 

Adrian, thank you for pointing us to the problem. Is there any
documentation about the fixes that have been done in other packages? I
am sure that *I* do not have the necessary knowledge of C and C++ to
(back)port this to our packages.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer




Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Frank Küster <frank@debian.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #25 received at 278298@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: 278298@bugs.debian.org
Cc: Adrian Bunk <bunk@stusta.de>, Hilmar Preusse <hille42@web.de>
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 16:57:00 +0200
Frank Küster <frank@debian.org> wrote:

> 4 c/cc files in texk/web2c/pdftexdir include gmem.h from
> libs/xpdf/goo. There might be more. It affects both woody and
> sarge/sid. 

According to 

http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:113

and

http://www.securityfocus.com/archive/1/379114/2004-10-21/2004-10-27/0

the issue affects xpdf 3.0 and xpdf 2.02. woody ships xpdf 0.92
(2000-dec-03) according to the README file in the xpdf directory. Might
be hard to even find out whether it is affected. sarge/sid have 2.01
(2002-dec-05) and is probably affected.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer




Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Hilmar Preusse <hille42@web.de>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #30 received at 278298@bugs.debian.org (full text, mbox):

From: Hilmar Preusse <hille42@web.de>
To: Frank Küster <frank@debian.org>
Cc: 278298@bugs.debian.org, Adrian Bunk <bunk@stusta.de>
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 17:53:59 +0200
On 26.10.04 Frank Küster (frank@debian.org) wrote:
> Frank Küster <frank@debian.org> wrote:

Hi *,

> > 4 c/cc files in texk/web2c/pdftexdir include gmem.h from
> > libs/xpdf/goo. There might be more. It affects both woody and
> > sarge/sid. 
> 
> According to 
> 
> http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:113
> 
> and
> 
> http://www.securityfocus.com/archive/1/379114/2004-10-21/2004-10-27/0
> 
> the issue affects xpdf 3.0 and xpdf 2.02. woody ships xpdf 0.92
> (2000-dec-03) according to the README file in the xpdf directory.
> Might be hard to even find out whether it is affected. sarge/sid
> have 2.01 (2002-dec-05) and is probably affected.
> 
Remark. changelog of xpdf:

xpdf (3.00-9) unstable; urgency=high

 * Applied patch to fix vulnerability CAN-2004:0889: integer overflow
   issues that could allow denial of service or possibly arbitrary
   code execution

 -- Hamish Moffatt <hamish <at> debian.org>  Thu, 21 Oct 2004 23:49:32 +1000

The only changes were made in the source code of xpdf, not in the
code of libgoo, we use. So I guess, if we don't compile (and package)
xpdf, we're not affected...

H.
-- 
sigmentation fault



Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Frank Küster <frank@debian.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #35 received at 278298@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: team@security.debian.org
Cc: 278298@bugs.debian.org, Adrian Bunk <bunk@stusta.de>
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 18:08:05 +0200
Adrian Bunk <bunk@stusta.de> wrote:

> Package: tetex-bin
> Version: 2.0.2-22
> Severity: grave
> Tags: security
>
>
> pdftohtml might be affected by CAN-2004-0889

this should read tetex-bin instead of pdftohtml, which has a different
bug. 

> (integer overflow issues in xpdf).
>
> The code is there, but I haven't checked how it's actually used.

The xpdf code is used by pdftex. I have not verified that the actual
pieces of code are used, but I think so.

I have prepared patches against 1.0.7+20011202-7.1 (woody) and 2.0.2-22
(sarge/sid). I took the changes to Catalog.cxx and XReF.cxx from
cupsys_1.1.14-5woody10.diff.gz[1] and prepared patched files by hand
because the filenames have changed. 

For 2.0.2 the cupsys patch would have applied cleanly without fuzziness
(didn't check for line offsets). For 1.0.7, only three of the four hunks
in XReF.cxx had their counterpart in XReF.cc (with only small
differences).

I do not claim any understanding of the problem or the changes. My
knowledge of C/C++ is negligible.

There are some other minor fixes in our CVS that are pending upload and
do not have any relation to the security fix (only documentation fixes,
changes in the packaging and a translation). It would be nice if we
could coordinate the fix for sid, so that the pending changes have a
chance to get into sarge soon (without waiting until the security fix
has made the transition)

Regards, Frank

[1] why hasn't there been a security fix for xpdf in woody? It seems to
have exactly the same problems.

-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Martin Schulze <joey@infodrom.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #40 received at 278298@bugs.debian.org (full text, mbox):

From: Martin Schulze <joey@infodrom.org>
To: Frank Küster <frank@debian.org>
Cc: team@security.debian.org, 278298@bugs.debian.org, Adrian Bunk <bunk@stusta.de>
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 18:43:08 +0200
Frank Küster wrote:
> Adrian Bunk <bunk@stusta.de> wrote:
> 
> > Package: tetex-bin
> > Version: 2.0.2-22
> > Severity: grave
> > Tags: security
> >
> >
> > pdftohtml might be affected by CAN-2004-0889
> 
> this should read tetex-bin instead of pdftohtml, which has a different
> bug. 

Darn.

On which version of xpdf is pdftohtml based?  2.x or 3.x?


> > (integer overflow issues in xpdf).
> >
> > The code is there, but I haven't checked how it's actually used.
> 
> The xpdf code is used by pdftex. I have not verified that the actual
> pieces of code are used, but I think so.

Could you check?

> I have prepared patches against 1.0.7+20011202-7.1 (woody) and 2.0.2-22
> (sarge/sid). I took the changes to Catalog.cxx and XReF.cxx from
> cupsys_1.1.14-5woody10.diff.gz[1] and prepared patched files by hand
> because the filenames have changed. 

That would refer to xpdf 2.x fixes.  I'll send you the full patch in
private.  That would also actually be CAN-2004-0888 (xpdf 2.x) the
CAN from above is for xpdf 3.x.  Xpdf was rewritten in large chunks a
couple of times.

> For 2.0.2 the cupsys patch would have applied cleanly without fuzziness
> (didn't check for line offsets). For 1.0.7, only three of the four hunks
> in XReF.cxx had their counterpart in XReF.cc (with only small
> differences).

*sigh*  Too much, we need an update for woody.

> [1] why hasn't there been a security fix for xpdf in woody? It seems to
> have exactly the same problems.

Really?  The vulnerabilities were found in xpdf 2.x and 3.x, but not
in 1.x.  It would be good if somebody would audit xpdf 1.x, though,
since there are probably similar problems.

Regards,

	Joey

-- 
Testing? What's that? If it compiles, it is good, if it boots up, it is perfect.

Please always Cc to me when replying to me on the lists.



Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Frank Küster <frank@debian.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #45 received at 278298@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: Martin Schulze <joey@infodrom.org>
Cc: team@security.debian.org, 278298@bugs.debian.org, Adrian Bunk <bunk@stusta.de>
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 19:09:25 +0200
Martin Schulze <joey@infodrom.org> wrote:

> Frank Küster wrote:
>> 
>> The xpdf code is used by pdftex. I have not verified that the actual
>> pieces of code are used, but I think so.
>
> Could you check?

I do not know whether I will have time this evening or tomorrow during
the day, but I hope so.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer




Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Frank Küster <frank@debian.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #50 received at 278298@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: Martin Schulze <joey@infodrom.org>
Cc: 278298@bugs.debian.org, team@security.debian.org, Adrian Bunk <bunk@stusta.de>
Subject: Re: Bug#278298: tetex-bin might be affected by CAN-2004-0889
Date: Tue, 26 Oct 2004 19:44:57 +0200
Martin Schulze <joey@infodrom.org> wrote:

>> The xpdf code is used by pdftex. I have not verified that the actual
>> pieces of code are used, but I think so.
>
> Could you check?

From the toplevel Makefile:

all:     $(LIBXPDFDIR)/xpdf/libxpdf.a $(LIBXPDFDIR)/goo/libGoo.a  
[...]

and from tetex-bin-2.0.2/texk/web2c/pdftexdir/pdftex.mk

# pdftosrc
pdftosrc: pdftexdir/pdftosrc.o
	$(kpathsea_cxx_link) pdftexdir/pdftosrc.o $(LDLIBXPDF) -lm

The command and variable are defined in
tetex-bin-2.0.2/texk/web2c/Makefile:

kpathsea_cxx_link = $(LIBTOOL) link $(cxx_link_command)
[...]
LDLIBXPDF = $(LIBXPDFDIR)/xpdf/libxpdf.a $(LIBXPDFDIR)/goo/libGoo.a

So this means that the code _is_ used. Actually three times:

bzgrep "libtool.*libxpdf.a" ../pbuilder-result/log/tetex-bin_2.0.2-22.build.bz2 
./../klibtool link c++ -o pdftex  pdftexini.o pdftex0.o pdftex1.o pdftex2.o pdftex3.o pdftexextra.o  pdftexdir/libpdf.a -lpng -lz ../../libs/xpdf/xpdf/libxpdf.a ../../libs/xpdf/goo/libGoo.a  lib/lib.a ../kpathsea/libkpathsea.la -lm   
./../klibtool link c++ -o pdfetex  pdfetexini.o pdfetex0.o pdfetex1.o pdfetex2.o pdfetex3.o pdfetexextra.o  pdftexdir/libpdf.a -lpng -lz ../../libs/xpdf/xpdf/libxpdf.a ../../libs/xpdf/goo/libGoo.a  lib/lib.a ../kpathsea/libkpathsea.la -lm   
./../klibtool link c++ -o pdftosrc  pdftexdir/pdftosrc.o ../../libs/xpdf/xpdf/libxpdf.a ../../libs/xpdf/goo/libGoo.a -lm

That is, for pdftex, pdfetex and pdftosrc.

We should make an update.

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
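
The check made in the message above (which binaries link the bundled libxpdf.a), as an added example that is not part of the original message or of the tetex-bin packaging: a shell function that reads a build log and lists the output of every link command that includes a given static archive. The names `linked_targets` and `sample_log` and the log lines are constructed for illustration, modelled on the link lines quoted in the message.

```shell
#!/bin/sh
# Added example (not from the bug report): find which binaries link a bundled
# static library, by reading the link commands in a build log.

# linked_targets ARCHIVE [LOGFILE...]
# Prints, one per line and de-duplicated, the "-o" target of every command in
# the log (files, or stdin when none are given) that has ARCHIVE among its
# arguments. ARCHIVE is matched by basename, so any relative path counts.
linked_targets() {
    archive=$1
    shift
    awk -v lib="$archive" '
    {
        out = ""; hit = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "-o" && i < NF) out = $(i + 1)
            n = split($i, parts, "/")
            if (parts[n] == lib) hit = 1
        }
        # Archive-creation lines (ar ...) carry no -o target and are skipped.
        if (hit && out != "") print out
    }' "$@" | sort -u
}

# Constructed sample log: compile, archive and link lines in the style of the
# klibtool output quoted above, plus one binary that does not use xpdf.
sample_log() {
    cat <<'EOF'
c++ -c pdftexdir/pdftosrc.cc -o pdftexdir/pdftosrc.o
ar cq libxpdf.a Array.o Catalog.o XRef.o
./../klibtool link c++ -o pdftex pdftexini.o pdftex0.o pdftexdir/libpdf.a -lpng -lz ../../libs/xpdf/xpdf/libxpdf.a ../../libs/xpdf/goo/libGoo.a lib/lib.a ../kpathsea/libkpathsea.la -lm
./../klibtool link c++ -o pdfetex pdfetexini.o pdfetex0.o pdftexdir/libpdf.a -lpng -lz ../../libs/xpdf/xpdf/libxpdf.a ../../libs/xpdf/goo/libGoo.a lib/lib.a ../kpathsea/libkpathsea.la -lm
./../klibtool link c++ -o pdftosrc pdftexdir/pdftosrc.o ../../libs/xpdf/xpdf/libxpdf.a ../../libs/xpdf/goo/libGoo.a -lm
./../klibtool link cc -o tex texini.o tex0.o lib/lib.a ../kpathsea/libkpathsea.la -lm
EOF
}

# List the binaries in the sample log that contain the bundled xpdf code.
sample_log | linked_targets libxpdf.a
```

A hit only shows that the archive was on the link line; because it is linked statically, each listed binary has to be rebuilt from patched sources to pick up a fix.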




Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Martin Pitt <martin@piware.de>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #55 received at 278298@bugs.debian.org (full text, mbox):

From: Martin Pitt <martin@piware.de>
To: 278298@bugs.debian.org, team@security.debian.org, Adrian Bunk <bunk@stusta.de>
Cc: control@bugs.debian.org
Subject: Patch available for #278298
Date: Wed, 27 Oct 2004 15:30:55 +0200
retitle 278298 tetex-bin is affected by CAN-2004-0888
tag 278298 patch
thanks

Hi!

I prepared and uploaded a fixed package for Ubuntu Warty. The used
interdiff is available in Ubuntu's bugzilla:

  https://bugzilla.ubuntulinux.org/show_bug.cgi?id=2748

It applies to version 2.0.2-21, whereas Sarge/Sid already have -22,
but the only patch conflict should be at the changelog (which can be
adapted easily).

Adrian, please be aware that the cupsys patch from 5woody10 is not
sufficient, you also need the patches from woody8 and woody9.

Happy patching,

Martin

-- 
Martin Pitt                       http://www.piware.de
Ubuntu Developer            http://www.ubuntulinux.org
Debian GNU/Linux Developer       http://www.debian.org

Changed Bug title. Request was from Martin Pitt <martin@piware.de> to control@bugs.debian.org. Full text and rfc822 format available.

Tags added: patch Request was from Martin Pitt <martin@piware.de> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Frank Küster <frank@debian.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #64 received at 278298@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: Martin Pitt <martin@piware.de>
Cc: 278298@bugs.debian.org, team@security.debian.org, Adrian Bunk <bunk@stusta.de>
Subject: Re: Bug#278298: Patch available for #278298
Date: Wed, 27 Oct 2004 17:07:23 +0200
Martin Pitt <martin@piware.de> wrote:

> retitle 278298 tetex-bin is affected by CAN-2004-0888
> tag 278298 patch
> thanks
>
> Hi!
>
> I prepared and uploaded a fixed package for Ubuntu Warty. The used
> interdiff is available in Ubuntu's bugzilla:
>
>   https://bugzilla.ubuntulinux.org/show_bug.cgi?id=2748
>
> It applies to version 2.0.2-21, whereas Sarge/Sid already have -22,
> but the only patch conflict should be at the changelog (which can be
> adapted easily).

Applying it as a separate patch is probably the better way. But since I
didn't have it available, I have manually adapted a patch sent by Martin
Schulze and merged it into patch-src. I have sent the patch to the
security team for review, but it's identical to yours (with one small
exception). I attach it here again so that it is in the bug.

The difference: In the second hunk for XRef.cc, I have 

++    if (size >= INT_MAX/sizeof(XRefEntry)) {
++      error(-1, "Invalid 'size' inside xref table.");
++      ok = gFalse;
++      errCode = errDamaged;
++      return;
++    }
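
Review bot: in the if condition, INT_MAX/sizeof(XRefEntry) takes the unsigned type of sizeof, so the comparison with size is carried out unsigned; if size is a signed int (its declaration is not visible in these lines), a negative value is rejected only through that implicit conversion. Writing the bound explicitly, for example if (size < 0 || size >= INT_MAX/sizeof(XRefEntry)), states the intent and does not depend on the conversion rules.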

but you are missing the 4th line:

++    if ( size >= INT_MAX/sizeof(XRefEntry)) {
++      error(-1, "Invalid 'size' inside xref table.");
++      ok = gFalse;
++      return;
++    }
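
Review bot: the early return in this variant sets ok = gFalse but never assigns errCode, so a caller that reads the error code after this failure sees whatever value errCode held before the check. Add errCode = errDamaged; ahead of the return, as the variant quoted above it does.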

As I said, my knowledge in C is negligible, I just took what I got from
the security team.

> Adrian, please be aware that the cupsys patch from 5woody10 is not
> sufficient, you also need the patches from woody8 and woody9.

I guess you mistook Adrian as teTeX maintainer - that's been a while
ago... But cupsys doesn't have separate patches. AFAIR the changes are
in the diff.gz, and are the same as discussed here.

The upload is pending, I just wanted to wait for some reaction from the
team. 

Regards, Frank
-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

[tetex-bin_2.0.2-22-security.patch (text/x-patch, attachment)]

Reply sent to Frank Küster <frank@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Adrian Bunk <bunk@stusta.de>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #69 received at 278298-close@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: 278298-close@bugs.debian.org
Subject: Bug#278298: fixed in tetex-bin 2.0.2-23
Date: Wed, 27 Oct 2004 13:17:32 -0400
Source: tetex-bin
Source-Version: 2.0.2-23

We believe that the bug you reported is fixed in the latest version of
tetex-bin, which is due to be installed in the Debian FTP archive:

libkpathsea-dev_2.0.2-23_i386.deb
  to pool/main/t/tetex-bin/libkpathsea-dev_2.0.2-23_i386.deb
libkpathsea3_2.0.2-23_i386.deb
  to pool/main/t/tetex-bin/libkpathsea3_2.0.2-23_i386.deb
tetex-bin_2.0.2-23.diff.gz
  to pool/main/t/tetex-bin/tetex-bin_2.0.2-23.diff.gz
tetex-bin_2.0.2-23.dsc
  to pool/main/t/tetex-bin/tetex-bin_2.0.2-23.dsc
tetex-bin_2.0.2-23_i386.deb
  to pool/main/t/tetex-bin/tetex-bin_2.0.2-23_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 278298@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Frank Küster <frank@debian.org> (supplier of updated tetex-bin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.7
Date: Wed, 27 Oct 2004 10:30:32 +0200
Source: tetex-bin
Binary: libkpathsea3 tetex-bin libkpathsea-dev
Architecture: source i386
Version: 2.0.2-23
Distribution: unstable
Urgency: high
Maintainer: teTeX maintainers <debian-tetex-maint@lists.debian.org>
Changed-By: Frank Küster <frank@debian.org>
Description: 
 libkpathsea-dev - path search library for teTeX (devel part)
 libkpathsea3 - path search library for teTeX (runtime part)
 tetex-bin  - The teTeX binary files
Closes: 273244 273712 274439 278298
Changes: 
 tetex-bin (2.0.2-23) unstable; urgency=high
 .
   * Security fix for the xpdf code included in pdftex. Many thanks to
     Adrian Bunk <bunk@stusta.de> and Martin Schulze <joey@infodrom.org>
     (closes: #278298) [frank]
   * Do not discard the font cache when updating from woody [frank]
   * Fix typo in dvips manpage (closes: #274439) [frank]
   * Change wording of a diagnostic message of update-texmf, and add a
     --debug option (closes: #273244) [frank]
   * Translations:
     - added czech translation, thanks to Miroslav Kure
       <kurem@upcase.inf.upol.cz> (closes: #273712) [frank]




Bug reopened, originator not changed. Request was from frank@kuesterei.ch (Frank Küster) to control@bugs.debian.org. Full text and rfc822 format available.

Tags added: woody Request was from frank@kuesterei.ch (Frank Küster) to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Martin Schulze <joey@infodrom.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #78 received at 278298@bugs.debian.org (full text, mbox):

From: Martin Schulze <joey@infodrom.org>
To: Frank Küster <frank@kuesterei.ch>
Cc: Debian Bug Control Server <278298@bugs.debian.org>, team@security.debian.org
Subject: Re: woody is still affected
Date: Tue, 23 Nov 2004 14:25:12 +0100
Frank Küster wrote:
> # as previously explained, woody is also affected by this.
> # a patch will follow soon

We've experienced a buildd failure on one architecture which is keeping
this update to be released.  It will be as soon as the buildd problem
is fixed.

Regards,

	Joey

-- 
MIME - broken solution for a broken design.  -- Ralf Baechle

Please always Cc to me when replying to me on the lists.



Information forwarded to debian-bugs-dist@lists.debian.org, teTeX maintainers <debian-tetex-maint@lists.debian.org>:
Bug#278298; Package tetex-bin. Full text and rfc822 format available.

Acknowledgement sent to Frank Küster <frank@debian.org>:
Extra info received and forwarded to list. Copy sent to teTeX maintainers <debian-tetex-maint@lists.debian.org>. Full text and rfc822 format available.

Message #83 received at 278298@bugs.debian.org (full text, mbox):

From: Frank Küster <frank@debian.org>
To: Martin Schulze <joey@infodrom.org>
Cc: 278298@bugs.debian.org, team@security.debian.org
Subject: Re: Bug#278298: woody is still affected
Date: Tue, 23 Nov 2004 17:15:30 +0100
tags 278298 patch
stop

Martin Schulze <joey@infodrom.org> wrote:

> Frank Küster wrote:
>> # as previously explained, woody is also affected by this.
>> # a patch will follow soon
>
> We've experienced a buildd failure on one architecture which is keeping
> this update to be released.  It will be as soon as the buildd problem
> is fixed.

The patch I first sent you is not complete - it just contains the fixes
in xpdf_3.00-9, not the additional ones in 3.00-10. Here's a complete
patch, backported to woody's tetex-bin.

As explained previously, in the part analogous to xpdf 3.00-9 (and yet
fixed for tetex-bin in unstable), there is one hunk that does not apply
at all to woody - the code is simply not there.

The new patch (3.00-10) applies fine to the sources in woody, but it
uses some error handling routines that are not implemented in xpdf-1 (or
tetex-bin_1*). I simply commented the line "errCode = errDamage".

The patched sources compile fine in a woody pbuilder environment on
i386, but I have not yet set up a woody machine for testing them.

Here's the patch (against 7.1 which is in the archive):

[tetex-bin_1.0.7+20011202-7.1-xpdf-security-3.patch (text/x-patch, attachment)]
Regards, Frank


-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer

Tags added: patch Request was from Frank Küster <frank@debian.org> to control@bugs.debian.org. Full text and rfc822 format available.

Reply sent to frank@kuesterei.ch (Frank Küster):
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Adrian Bunk <bunk@stusta.de>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #90 received at 278298-done@bugs.debian.org (full text, mbox):

From: frank@kuesterei.ch (Frank Küster)
To: Hilmar Preusse <hille42@web.de>
Cc: 278298-done@bugs.debian.org
Subject: Re: Bug#278298: woody is still affected
Date: Tue, 30 Nov 2004 09:28:25 +0100
Hilmar Preusse <hille42@web.de> wrote:

>> 
>> Here's the patch (against 7.1 which is in the archive):
>> 
> That one is history by now as well, isn't it?

Yes, it has been fixed by the upload of 1.0.7+20011202-7.3. I wrote the
changelog entry, but I didn't mean it to be used without review by the
security team. In particular, I didn't know whether security team
uploads, which are literally NMU's, usually just fix bugs, or really
close (in which case this has to be done manually, anyway). 

So let's take this as a maintainer's acknowledgement of the NMU, and I
close the bug.

Regards, Frank

-- 
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer




Bug reopened, originator not changed. Request was from Adrian Bunk <bunk@stusta.de> to control@bugs.debian.org. Full text and rfc822 format available.

Tags removed: woody Request was from Adrian Bunk <bunk@stusta.de> to control@bugs.debian.org. Full text and rfc822 format available.

Tags added: sarge Request was from Adrian Bunk <bunk@stusta.de> to control@bugs.debian.org. Full text and rfc822 format available.

Reply sent to Joey Hess <joeyh@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Adrian Bunk <bunk@stusta.de>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #101 received at 278298-done@bugs.debian.org (full text, mbox):

From: Joey Hess <joeyh@debian.org>
To: 278298-done@bugs.debian.org
Subject: close
Date: Fri, 31 Dec 2004 15:08:28 -0500
I'm re-closing this bug as the fixed package is in sarge.

(Re-opening bugs to track security fixes getting into sarge is not
particularly effective, IMHO.)

-- 
see shy jo



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 06:59:12 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.