Your message dated Sun, 01 Aug 2010 20:50:05 +0000 with message-id <E1OffTx-0007tY-AO@franck.debian.org> and subject line Bug#507108: fixed in eflite 0.4.1-4 has caused the Debian Bug report #507108, regarding eflite: buffer overflow when handling environmental variables to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 507108: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507108 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: eflite: buffer overflow when handling environmental variables
- From: Raphael Geissert <atomo64@gmail.com>
- Date: Thu, 27 Nov 2008 21:36:07 -0600
- Message-id: <200811272136.08643.atomo64@gmail.com>
Package: eflite Version: 0.4.1-1 Severity: normal Hi, While scanning some packages I found the following piece of code which leads to a buffer overflow when an overly long HOME env var is used. Affected code (es.c): > char buf[513]; > char *p; > > p = getenv("HOME"); > sprintf(buf, "%s/.es.conf", p); Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.netAttachment: signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---
- To: 507108-close@bugs.debian.org
- Subject: Bug#507108: fixed in eflite 0.4.1-4
- From: Samuel Thibault <sthibault@debian.org>
- Date: Sun, 01 Aug 2010 20:50:05 +0000
- Message-id: <E1OffTx-0007tY-AO@franck.debian.org>
Source: eflite Source-Version: 0.4.1-4 We believe that the bug you reported is fixed in the latest version of eflite, which is due to be installed in the Debian FTP archive: eflite_0.4.1-4.diff.gz to main/e/eflite/eflite_0.4.1-4.diff.gz eflite_0.4.1-4.dsc to main/e/eflite/eflite_0.4.1-4.dsc eflite_0.4.1-4_amd64.deb to main/e/eflite/eflite_0.4.1-4_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 507108@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Samuel Thibault <sthibault@debian.org> (supplier of updated eflite package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 27 Jul 2010 01:48:07 +0200 Source: eflite Binary: eflite Architecture: source amd64 Version: 0.4.1-4 Distribution: unstable Urgency: low Maintainer: Debian Accessibility Team <debian-accessibility@lists.debian.org> Changed-By: Samuel Thibault <sthibault@debian.org> Description: eflite - Festival-Lite based emacspeak speech server Closes: 507108 577864 Changes: eflite (0.4.1-4) unstable; urgency=low . [ Mario Lang ] * Add Homepage field to debian/control. . [ Samuel Thibault ] * es.c: Fix buffer overflow (Closes: #507108). * Makefile.in: Fix flite link flags (Closes: #577864). * debian/control: - Add myself in Uploaders. - Bump Standards-Version to 3.9.1 (no changes needed). - Document that only English is supported. Checksums-Sha1: 3edd4896b288db8d66581203845996bd8aac6b0e 1218 eflite_0.4.1-4.dsc 0fb88688b941982f923084f7acdc8280bcc34744 4760 eflite_0.4.1-4.diff.gz 60f21c40ac4519094862a89df706bc99153cc9d0 22470 eflite_0.4.1-4_amd64.deb Checksums-Sha256: d11de7915330934b7d7e7de6f4c14c4eda1924860c62be929f92dda3a3ab7133 1218 eflite_0.4.1-4.dsc 1666bbe69ac49d69fb5a3668d2904dfd50054677b1b2c14478e77440637ffaf5 4760 eflite_0.4.1-4.diff.gz 48beb781521460a13488ab6b652cbc0b0124f87397cb7048060bef6c07d4b728 22470 eflite_0.4.1-4_amd64.deb Files: 79a194cdcccab0e0091270d9d795b53a 1218 sound extra eflite_0.4.1-4.dsc cf03af0f60fcd0616befc1eb58bd50c9 4760 sound extra eflite_0.4.1-4.diff.gz 0d2a341101d970fd9a3fab992e3d8c26 22470 sound extra eflite_0.4.1-4_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iF4EAREIAAYFAkxV1oMACgkQjSdX/Wzu6KZFbQEAk7AXErszhCNLb402fu1OZ3R/ bSXe41VLZo7rymiOQigBALKVklypH7PyKIVKgwwyvx1I4ixptRUfPz5QMME/vmoP =IX71 -----END PGP SIGNATURE-----
--- End Message ---