Your message dated Sat, 08 Feb 2020 14:21:36 +0000 with message-id <cf1cb2f35981916a86b98b83609df15c95aa378b.camel@adam-barratt.org.uk> and subject line "Closing requests included in 10.3 point release" has caused the Debian Bug report #946184, regarding buster-pu: package fig2dev/1:3.2.7a-5+deb10u2, to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.)

--
946184: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946184
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2
- From: Roland Rosenfeld <roland@spinnaker.de>
- Date: Wed, 4 Dec 2019 22:50:25 +0100
- Message-id: <20191204215025.nppugkgycuz7ky2o@dinghy.sail.spinnaker.de>
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

This fixes CVE-2019-19555 in buster. Since this is tagged "unimportant" by the security team on https://security-tracker.debian.org/tracker/CVE-2019-19555 they won't publish a DSA, so I tend to send this into the next point release of buster. Attached you'll find the diff against 3.2.7a-5+deb10u1.

Greetings
Roland

diff -Nru fig2dev-3.2.7a/debian/changelog fig2dev-3.2.7a/debian/changelog --- fig2dev-3.2.7a/debian/changelog 2019-07-27 09:51:53.000000000 +0200 +++ fig2dev-3.2.7a/debian/changelog 2019-12-04 22:12:49.000000000 +0100 @@ -1,3 +1,10 @@ +fig2dev (1:3.2.7a-5+deb10u2) buster; urgency=medium + + * 41_CVE-2019-19555: Allow Fig v2 text strings ending with multiple ^A. + This fixes CVE-2019-19555. Closes (#946176). + + -- Roland Rosenfeld <roland@debian.org> Wed, 04 Dec 2019 22:12:49 +0100 + fig2dev (1:3.2.7a-5+deb10u1) buster; urgency=medium * 40_circle_arrowhead: Do not segfault on circle/half circle arrowheads diff -Nru fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch --- fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch 1970-01-01 01:00:00.000000000 +0100 +++ fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch 2019-12-04 22:12:49.000000000 +0100
@@ -0,0 +1,28 @@ +From: Thomas Loimer <thomas.loimer@tuwien.ac.at> +Date: Wed Dec 4 17:56:04 2019 +0100 +Bug: https://sourceforge.net/p/mcj/tickets/55 +Bug-Debian: https://bugs.debian.org/946176 +Origin: https://sourceforge.net/p/mcj/fig2dev/ci/19db5fe6f77ebad91af4b4ef0defd61bd0bb358f/ +Subject: Allow Fig v2 text strings ending with multiple ^A. + This fixes CVE-2019-19555 + +--- a/fig2dev/read.c ++++ b/fig2dev/read.c +@@ -3,7 +3,7 @@ + * Copyright (c) 1991 by Micah Beck + * Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul + * Parts Copyright (c) 1989-2015 by Brian V. Smith +- * Parts Copyright (c) 2015-2018 by Thomas Loimer ++ * Parts Copyright (c) 2015-2019 by Thomas Loimer + * + * Any party obtaining a copy of these files is granted, free of charge, a + * full and unrestricted irrevocable, world-wide, paid up, royalty-free, +@@ -1318,7 +1318,7 @@ read_textobject(FILE *fp) + If we do not find the CONTROL-A on this line then this must + be a multi-line text object and we will have to read more. */ + +- n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%[\1]", ++ n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%1[\1]", + &t->type, &t->font, &t->size, &t->pen, + &t->color, &t->depth, &t->angle, + &t->flags, &t->height, &t->length, diff -Nru fig2dev-3.2.7a/debian/patches/series fig2dev-3.2.7a/debian/patches/series --- fig2dev-3.2.7a/debian/patches/series 2019-07-27 09:51:53.000000000 +0200 +++ fig2dev-3.2.7a/debian/patches/series 2019-12-04 22:12:49.000000000 +0100 @@ -12,3 +12,4 @@ 37_pgf-etex.patch 38_omit_showpage.patch 40_circle_arrowhead.patch +41_CVE-2019-19555.patch
Attachment: signature.asc (PGP signature)
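Review bot: the `Closes (#946176)` line in the new debian/changelog entry is not in the form the archive tooling recognises, which is `Closes: #946176`; as written, bug 946176 will not be closed automatically when the upload is accepted and would have to be closed by hand. Suggest changing the line to `This fixes CVE-2019-19555. Closes: #946176`.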
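Review bot: the width added to the last conversion in the read_textobject hunk (`%[\1]` becoming `%1[\1]`) is the whole of the fix: without it, every ^A byte at the end of a Fig v2 text line is stored into the destination of that conversion, although only the single terminating ^A is expected there, so a line ending in a run of ^A writes past that buffer. The preceding `%[^\1]` conversion still carries no width, so the patch relies on its destination being at least as large as `buf`; the argument list is cut off by the hunk context, so that size should be confirmed in read.c before accepting, and a short note of it in the patch header would help the next reviewer.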
--- End Message ---
--- Begin Message ---
- To: 939036-done@bugs.debian.org, 939802-done@bugs.debian.org, 940647-done@bugs.debian.org, 941365-done@bugs.debian.org, 941713-done@bugs.debian.org, 942575-done@bugs.debian.org, 944294-done@bugs.debian.org, 944348-done@bugs.debian.org, 944856-done@bugs.debian.org, 944865-done@bugs.debian.org, 945518-done@bugs.debian.org, 945845-done@bugs.debian.org, 945896-done@bugs.debian.org, 945925-done@bugs.debian.org, 945965-done@bugs.debian.org, 946032-done@bugs.debian.org, 946033-done@bugs.debian.org, 946083-done@bugs.debian.org, 946175-done@bugs.debian.org, 946184-done@bugs.debian.org, 946402-done@bugs.debian.org, 946557-done@bugs.debian.org, 946559-done@bugs.debian.org, 946651-done@bugs.debian.org, 946705-done@bugs.debian.org, 946819-done@bugs.debian.org, 946822-done@bugs.debian.org, 946831-done@bugs.debian.org, 946841-done@bugs.debian.org, 946864-done@bugs.debian.org, 946901-done@bugs.debian.org, 946960-done@bugs.debian.org, 947038-done@bugs.debian.org, 947125-done@bugs.debian.org, 947201-done@bugs.debian.org, 947254-done@bugs.debian.org, 947321-done@bugs.debian.org, 947331-done@bugs.debian.org, 947832-done@bugs.debian.org, 948104-done@bugs.debian.org, 948203-done@bugs.debian.org, 948205-done@bugs.debian.org, 948290-done@bugs.debian.org, 948363-done@bugs.debian.org, 948390-done@bugs.debian.org, 948400-done@bugs.debian.org, 948464-done@bugs.debian.org, 948472-done@bugs.debian.org, 948485-done@bugs.debian.org, 948544-done@bugs.debian.org, 948545-done@bugs.debian.org, 948550-done@bugs.debian.org, 948601-done@bugs.debian.org, 948609-done@bugs.debian.org, 948695-done@bugs.debian.org, 948796-done@bugs.debian.org, 948826-done@bugs.debian.org, 948850-done@bugs.debian.org, 948854-done@bugs.debian.org, 948857-done@bugs.debian.org, 948899-done@bugs.debian.org, 948904-done@bugs.debian.org, 948910-done@bugs.debian.org, 948979-done@bugs.debian.org, 948988-done@bugs.debian.org, 948991-done@bugs.debian.org, 949120-done@bugs.debian.org, 949121-done@bugs.debian.org, 
949310-done@bugs.debian.org, 949541-done@bugs.debian.org, 949704-done@bugs.debian.org, 949728-done@bugs.debian.org, 949842-done@bugs.debian.org, 949852-done@bugs.debian.org, 949895-done@bugs.debian.org, 949898-done@bugs.debian.org, 949899-done@bugs.debian.org, 949904-done@bugs.debian.org, 949906-done@bugs.debian.org, 949908-done@bugs.debian.org, 949957-done@bugs.debian.org, 950018-done@bugs.debian.org, 950139-done@bugs.debian.org, 950166-done@bugs.debian.org, 950257-done@bugs.debian.org, 950272-done@bugs.debian.org, 950280-done@bugs.debian.org, 950369-done@bugs.debian.org, 950466-done@bugs.debian.org
- Subject: Closing requests included in 10.3 point release
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 08 Feb 2020 14:21:36 +0000
- Message-id: <cf1cb2f35981916a86b98b83609df15c95aa378b.camel@adam-barratt.org.uk>
Package: release.debian.org
Version: 10.3

Hi,

Each of the uploads referred to by these bugs was included in today's stable point release.

Regards,

Adam
--- End Message ---