Bug 152870
Summary: | CAN-2004-1170 a2ps File Name Command Execution Vulnerability | ||
---|---|---|---|
Product: | [Retired] Fedora Legacy | Reporter: | David Lawrence <dkl> |
Component: | a2ps | Assignee: | Fedora Legacy Bugs <bugs> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | mattdm, pekkas |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1170 | ||
Whiteboard: | 1, LEGACY, QA, rh73, rh90 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-12-18 05:04:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
David Lawrence
2005-03-30 23:30:21 UTC
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QA for a2ps-4.13b-28.1.legacy.src.rpm for RHL9: * only change to spec file is the addition of the one patch to fix this issue. * patch is identical to FreeBSD patch mentioned above * package build and installs fine * seems to run fine +PUBLISH (Am I supposed to *remove* "publish-rhl9" from the whiteboard now? Sorry, I'm confused.) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCeRrEz8vebpLJCdYRAhqLAJ4mQQSvFy+yjVv0cyNNlhvzMoFO7QCfVqd/ xRofzpDg18D4smkaSqSjTQA= =sCcA -----END PGP SIGNATURE----- Yes, that obviates the need for anyone else to do so :) Okay -- just wanted to be sure that one "vote" was sufficient, and that the whiteboard tags are actually inverse from what makes sense to me. :) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ++PUBLISH for RHL 7.3 RHL 7.3 Packages: 2ps-4.13b-19.1.legacy.src.rpm SHA1 hecksums verify okay. * I downloaded the src.rpm file, verified the sha1 checksum. * Verified changelogs match except for CAN-2004-1170 fix and redhat rebuild. * Verified changes with rpmlint/rpmdiff. Only changes are U+G ownership changes on the patch files, addition of a patch for CAN-2004-1170, and changes to the spec file. * Unpacked the rpms, and did a "diff -uNr" on the original and new contents. Verified spec file changes are as expected, and only other changes are the patch. DID NOT VERIFY CONTENTS OF THE PATCH. Only verified contents of the spec file, and that nothing else changed. * Rebuilt package (no problems) on two machines (double the checks!) * Tested the exploit to see that it worked with the old package. * Installed the new package. * Tested the exploit to see that it now fails. Vote for pushing to updates-testing for RHL 7.3. ++PUBLISH -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFDNEh94jZRbknHoPIRAg6KAJ4nuTJ/dEuD1zu2qEgCMyXliS61vgCeNIwb 8YbPjeH5zR+oYH2O3Tc+Alg= =dQkg -----END PGP SIGNATURE----- Publish for FC1 is still needed.. Oops, and the patch contents still need to be reviewed. (The update proposer could otherwise inject e.g., root exploits or whatever in the patches!). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ++PUBLISH for RHL 7.3 This is a _second_ (updated) PUBLISH vote for me (only count them as _one_ vote, since they are duplicates) since last time I didn't verify the patch contents (and this time I did). RHL 7.3 Packages: enscript-1.6.1-19.73.1.legacy.src.rpm SHA1 hecksums verify okay. * Verified changelogs match except for bug fix and redhat rebuild. * Verified changes with rpmlint/rpmdiff. Only changes are addition of the patch, changing of spec file, and the changing of user/group on files. * Unpacked the rpms, and did a "diff -uNr" on the original and new contents. Verified spec file changes are as expected, and only other change is the new patch. Verified the patch is the same as the one pointed to in this bug entry. * Rebuilt package (no problems) on two RHL 7.3 machines without problems. * Tested the exploit to see that it worked with the old package. * Installed the new package without problems. * Tested the exploit to see that it now fails (it does). Vote for pushing to updates-testing for RHL 7.3. ++PUBLISH -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFDVp+G4jZRbknHoPIRAhOqAJ4sqmiJ5oOLKT/bglx/bX296mCQXwCgrJ9o 8vJovcakb9PugOdVkQgUGuE= =KGy0 -----END PGP SIGNATURE----- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ++PUBLISH for FC 1 FC 1 Packages: a2ps-4.13b-30.1.legacy.src.rpm SHA1 hecksum 9f2cd572a97212cf9dd4bdd2a5f2303d8a5be225 verifies okay. * Verified changelogs match except for bug fix addition. * Verified changes with rpmlint/rpmdiff. Only changes are addition of the patch, changing of spec file, and the changing of user/group on files. * Unpacked the rpms, and did a "diff -uNr" on the original and new contents. Verified spec file changes are as expected, and only other change is the new patch. * Verified the patch is the same as the one pointed to in this bug entry. Package looks okay. All changes to the package are as expected. Did not try to build or run the package though as I don't run FC1. Vote for pushing to updates-testing for FC 1. ++PUBLISH -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFDVqW04jZRbknHoPIRArJMAKCQAlhpn1IBcX79C9GmFPUOrjGt8ACeJ3TH QdbIXRNpjI3TNPLEX9ideRk= =YOMo -----END PGP SIGNATURE----- Thanks! pushed to updates-testing -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 QA for RHL9. Signatures OK, installs OK. This and previous version generate identical .ps file out of a text. rpm-build-compare.sh on the binaries looks sane. +VERIFY RHL9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFDexHMGHbTkzxSL7QRAtoLAJ9KJHFvHBrqOoNY80z82YxDqJNQWQCglwzs XAYEnozv1gPaSQRSKt6jF6w= =6t/K -----END PGP SIGNATURE----- Timeout in 4 weeks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ++VERIFY for RHL 7.3 Package: a2ps-4.13b-19.2.legacy.i386.rpm SHA1 hecksum b0ebb139fd78a887831f8528458d969c42841283 verifies okay. Installed fine. Properly saved /usr/share/a2ps/afm/fonts.map.rpmsave. Printed file properly. All looks good. Vote for release for RHL 7.3 ++VERIFY -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFDfiv94jZRbknHoPIRAkoyAJ9EY+S7EvgPbMnPhFcJV6FDq0sC7gCgt/4o +NtLZ/SGVQwcB0l4yEoJQts= =lgcC -----END PGP SIGNATURE----- Awesome :) Timeout over. Packages were released. |