Debian Bug report logs - #333740
abiword: [CAN-2005-2972] More RTF import buffer overflows

version graph

Package: abiword; Maintainer for abiword is Debian QA Group <packages@qa.debian.org>; Source for abiword is src:abiword (PTS, buildd, popcon).

Reported by: Martin Pitt <martin.pitt@canonical.com>

Date: Thu, 13 Oct 2005 13:33:09 UTC

Severity: grave

Tags: patch, sarge, security

Found in version abiword/2.2.7-3

Fixed in version 2.2.8-1

Done: Steve Langasek <vorlon@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Masayuki Hatta (mhatta) <mhatta@debian.org>:
Bug#333740; Package abiword. (full text, mbox, link).

Acknowledgement sent to Martin Pitt <martin.pitt@canonical.com>:
New Bug report received and forwarded. Copy sent to Masayuki Hatta (mhatta) <mhatta@debian.org>. (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Martin Pitt <martin.pitt@canonical.com>
To: Debian BTS Submit <submit@bugs.debian.org>
Subject: abiword: [CAN-2005-2972] More RTF import buffer overflows
Date: Thu, 13 Oct 2005 15:30:02 +0200
[Message part 1 (text/plain, inline)]
Package: abiword
Version: 2.2.7-3
Severity: grave
Tags: security patch

Hi!

More RTF import buffer overflows have been found:

http://www.abisource.com/viewcvs/cgi/viewcvs.cgi/abi/src/wp/impexp/xp/ie_imp_RTF.cpp.diff?r1=1.347.2.19&r2=1.347.2.21

(yes, two patches, the first one had a typo).

This has been assigned CAN-2005-2972. You can get the Ubuntu debdiff from

  http://patches.ubuntu.com/patches/abiword.CAN-2005-2972.diff

Thanks,

Martin

-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?

[signature.asc (application/pgp-signature, inline)]

Tags added: sarge Request was from Joshua Kwan <joshk@triplehelix.org> to control@bugs.debian.org. (full text, mbox, link).

Reply sent to Steve Langasek <vorlon@debian.org>:
You have taken responsibility. (full text, mbox, link).

Notification sent to Martin Pitt <martin.pitt@canonical.com>:
Bug acknowledged by developer. (full text, mbox, link).

Message #12 received at 333740-done@bugs.debian.org (full text, mbox, reply):

From: Steve Langasek <vorlon@debian.org>
To: 333740-done@bugs.debian.org
Subject: Re: abiword: [CAN-2005-2972] More RTF import buffer overflows
Date: Tue, 18 Oct 2005 18:15:17 -0700
[Message part 1 (text/plain, inline)]
Version: 2.2.8-1

Per Josh Kwan, this bug only affects the 2.2.7 version of abiword.

Thanks,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

[signature.asc (application/pgp-signature, inline)]

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 25 Jun 2007 07:58:13 GMT) (full text, mbox, link).

Bug unarchived. Request was from Stefano Zacchiroli <zack@debian.org> to control@bugs.debian.org. (Sun, 10 Apr 2011 08:47:21 GMT) (full text, mbox, link).

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 09 May 2011 07:40:48 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Oct 11 12:07:52 2017; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.