[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#844242: marked as done (RFS: terminology/0.7.0-2 [RC])

Your message dated Tue, 22 Nov 2016 11:30:52 +0100
with message-id <20161122103052.GA821@angband.pl>
and subject line Re: Bug#844242: RFS: terminology/0.9.1-0.1 [RC] [NMU]
has caused the Debian Bug report #844242,
regarding RFS: terminology/0.7.0-2 [RC]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
844242: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844242
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: sponsorship-requests
Severity: important

Dear mentors,

I am looking for a sponsor for my package "terminology"

 * Package name    : terminology
   Version         : 0.9.1-0.1
   Upstream Author : Enlightenment team
 * URL             : https://www.enlightenment.org/about-terminology
 * License         : BSD
   Section         : x11

It builds those binary packages:

 terminology - Enlightenment efl based terminal emulator
 terminology-data - Enlightenment efl based terminal emulator data

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/terminology

Alternatively, one can download the package with dget using this command:

    dget -x https://mentors.debian.net/debian/pool/main/t/terminology/terminology_0.9.1-0.1.dsc

Changes since the last upload:

  [ Ross Vandegrift ]
  * Non-maintainer upload.
  * New upstream release
    - Fix for "CVE-2015-8971: Escape Sequence Command Execution
      vulnerability" (Closes: #843434)
  * Enable build hardening options
  * Suggest libemotion-players for media support (Closes: #773057, #766705)
  * Reformat package descriptions (Closes: #779494, #782082)
  * Use secure Vcs- URLs in debian/control
  * Bump Standards-Version to 3.9.8
  * fix-minus-signs-manpage.patch: drop patch, fixed upstream
  * use-system-lz4.patch: defuzz
  * fix-del-backspace-key.patch: defuzz
  * Provide x-terminal-emulator alternative (Closes: #774111)
  * debian/copyright: remove unused ltmain.sh paragraph
  * Add gbp.conf and notes on usage in README.source

  [ Nicolas Braud-Santoni ]
  * Normalize links and use HTTPS

Regards,
 Ross Vandegrift

--- End Message ---
--- Begin Message --- 
On Mon, Nov 21, 2016 at 07:07:25PM -0500, Ross Vandegrift wrote:
> On Mon, Nov 21, 2016 at 05:46:24PM -0500, Ross Vandegrift wrote:
> > So I'll prepare another version that consists only of the security fix
> > backported to jessie.  The new version will wait for experimental.
> 
> Here it is, this time just adopting and fixing the security issue:
> https://mentors.debian.net/debian/pool/main/t/terminology/terminology_0.7.0-2.dsc
> 
> No problems with creating new tabs.  Updated changelog:
> 
>  * New Maintainer.  Thanks to Anthony for original work. (Closes: #844244)
>  * Fix for "CVE-2015-8971: Escape Sequence Command Execution vulnerability"
>    backported from upstream rev b80bedc.  (Closes: #843434)

Alas, that version doesn't seem that stable either.  By randomly going
around options, I got a segfault while changing theme to "nyanology".
I tried to reproduce that crash, without luck; the core I got points to
libedje1 which has no -dbg nor -dbgsym available.

But, it's obviously not a fault of your changes which are really minimal.
I've uploaded as-is, as we really don't want an exploitable bug, other
problems can be investigated at a less urgent pace.

Backtrace from that core attached.
-- 
An imaginary friend squared is a real enemy.

Reading symbols from /usr/bin/terminology...Reading symbols from /usr/lib/debug/.build-id/d5/f287651afff72e3a0706ae310e000953705572.debug...done.
done.
[New LWP 32165]
[New LWP 32166]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `terminology'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007ff611906a86 in ?? () from /usr/lib/x86_64-linux-gnu/libedje.so.1
[Current thread is 1 (Thread 0x7ff6137211c0 (LWP 32165))]
(gdb) bt
#0  0x00007ff611906a86 in ?? () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#1  0x00007ff611909b19 in ?? () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#2  0x00007ff6119646fd in ?? () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#3  0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#4  0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#5  0x00007ff61195928e in edje_object_part_swallow () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#6  0x0000558c7a1d2310 in _split_tabcount_update (tm=<optimized out>, sp=<optimized out>) at main.c:182
#7  0x00007ff612421114 in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#8  0x00007ff6116dbfa7 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#9  0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#10 0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#11 0x00007ff6124215a5 in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#12 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#13 0x00007ff61242a4b9 in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#14 0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#15 0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#16 0x00007ff61242e20b in evas_event_feed_mouse_move () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#17 0x00007ff612424c6e in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#18 0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#19 0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#20 0x00007ff612450ba1 in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#21 0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#22 0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#23 0x00007ff6116d6ef5 in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#24 0x00007ff61193d976 in ?? () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#25 0x00007ff61193e110 in ?? () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#26 0x00007ff61194fa4b in ?? () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#27 0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#28 0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#29 0x00007ff61193cb6e in edje_object_file_set () from /usr/lib/x86_64-linux-gnu/libedje.so.1
#30 0x0000558c7a1f857e in theme_apply (edje=0x800000bb400005db, config=0x558c7c301bf0, 
    group=0x558c7a1fb8c7 "terminology/background") at utils.c:39
#31 0x0000558c7a1d3de1 in change_theme (win=<optimized out>, config=0x558c7c301bf0) at main.c:129
#32 0x00007ff6131f02b7 in ?? () from /usr/lib/x86_64-linux-gnu/libelementary.so.2
#33 0x00007ff612421114 in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#34 0x00007ff6116dbfa7 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#35 0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#36 0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#37 0x00007ff612421693 in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#38 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#39 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#40 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
---Type <return> to continue, or q <return> to quit---
#41 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#42 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#43 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#44 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#45 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#46 0x00007ff6124215ff in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#47 0x00007ff61242ecf2 in ?? () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#48 0x00007ff6116d3545 in ?? () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#49 0x00007ff6116d6e5a in eo_do_internal () from /usr/lib/x86_64-linux-gnu/libeo.so.1
#50 0x00007ff61242d69b in evas_event_feed_mouse_up () from /usr/lib/x86_64-linux-gnu/libevas.so.1
#51 0x00007ff60d10a24e in ?? () from /usr/lib/x86_64-linux-gnu/libecore_input_evas.so.1
#52 0x00007ff6121d1605 in ?? () from /usr/lib/x86_64-linux-gnu/libecore.so.1
#53 0x00007ff6121d7c79 in ?? () from /usr/lib/x86_64-linux-gnu/libecore.so.1
#54 0x00007ff6121d7f67 in ecore_main_loop_begin () from /usr/lib/x86_64-linux-gnu/libecore.so.1
#55 0x0000558c7a1d4eda in elm_main (argc=<optimized out>, argv=<optimized out>) at main.c:3370
#56 0x00007ff60fa6e2b1 in __libc_start_main (main=0x558c7a1c9890 <main>, argc=1, argv=0x7ffc9c773ab8, 
    init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffc9c773aa8)
    at ../csu/libc-start.c:291
#57 0x0000558c7a1c98fa in _start ()

--- End Message ---
Reply to: