
Bug#592569: marked as done (gs: ps documents can overwrite arbitrary files unless -dSAFER is used)



Your message dated Tue, 17 Sep 2019 13:20:15 +0200
with message-id <156871921514.21624.4420864137243945594@auryn.jones.dk>
and subject line Re: Bug#592569: Please make -dSAFER the default
has caused the Debian Bug report #592569,
regarding gs: ps documents can overwrite arbitrary files unless -dSAFER is used
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
592569: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592569
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: ghostscript
Version: 8.62.dfsg.1-3.2lenny4
Severity: grave
Tags: security
Justification: user security hole


Please make the -dSAFER option the default.

For discussion, rationale etc please see bugs #583183 and #584663, and
particularly:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584663#55

Thanks,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 5.0.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-pk03.18-svr (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages ghostscript depends on:
ii  debconf [debc 1.5.24                     Debian configuration management sy
ii  debianutils   2.30                       Miscellaneous utilities specific t
ii  defoma        0.11.10-0.2                Debian Font Manager -- automatic f
ii  gs-common     8.62.dfsg.1-3.2lenny4      Dummy package depending on ghostsc
ii  gsfonts       1:8.11+urwcyr1.0.7~pre44-3 Fonts for the Ghostscript interpre
ii  libc6         2.7-18lenny4               GNU C Library: Shared libraries
ii  libgs8        8.62.dfsg.1-3.2lenny4      The Ghostscript PostScript/PDF int

Versions of packages ghostscript recommends:
ii  psfontmgr                    0.11.10-0.2 PostScript font manager -- part of

Versions of packages ghostscript suggests:
ii  ghostscript-x      8.62.dfsg.1-3.2lenny4 The GPL Ghostscript PostScript/PDF
pn  hpijs              <none>                (no description available)

-- no debconf information



--- End Message ---
--- Begin Message ---
Version: 9.28~~rc1~dfsg-1

Quoting brian m. carlson (2014-03-28 21:47:09)
> I have reported at least two different vulnerabilities against Debian
> packages that are caused by invoking gs without -dSAFER.  They are
> extremely trivial to find and create working exploits for.
> 
> It is very common for programs to use gs on untrusted input; in fact, it
> is often used to fix broken input.  The incidence of cases in which the
> user does not want the behavior of -dSAFER is extremely low.  This makes
> -dSAFER a logical default.
> 
> I'm personally just fine looking for more of these types of
> vulnerabilities as long as -dSAFER isn't the default.  However, I
> suspect the Debian Security Team would prefer to handle fewer
> vulnerabilities of this class, and clearly Debian users would benefit
> from not having their files deleted by malicious PostScript.

Ghostscript upstream has redefined -dSAFER since (pre-releases of) 9.28 
so that effectively (old meaning of) -dSAFER is now enabled by default.

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private



--- End Message ---
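An added example (not code from the bug thread, Debian, or Ghostscript upstream) showing the defensive side of this report: a helper that always invokes gs on untrusted input with -dSAFER and the non-interactive switches, and a version check based on the 9.28 threshold Jonas mentions. The function names, the `gs` binary name and the sample version strings are assumptions.

```python
"""Invoking Ghostscript on untrusted PostScript with file-system restrictions.

Hypothetical helper written for this bug thread; not Debian's or Ghostscript's code.
"""
import os
import re
import shutil
import subprocess

# Release from which the old -dSAFER behaviour is on by default (per the thread);
# older releases must be given the flag explicitly.
SAFER_DEFAULT_FROM = (9, 28)


def parse_gs_version(text):
    """Turn 'gs --version' output such as '9.28' or '8.62' into a (major, minor) tuple."""
    m = re.search(r"(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("unrecognised Ghostscript version: %r" % text)
    return int(m.group(1)), int(m.group(2))


def safer_is_default(version):
    """True when this release restricts file access even without -dSAFER."""
    return version >= SAFER_DEFAULT_FROM


def build_gs_argv(input_ps, output_file, device="pdfwrite", gs="gs"):
    """argv for converting one untrusted file with the file-access restrictions on.

    Explicit -dSAFER is harmless on 9.28+ and essential before it, so it is always
    passed.  Paths are made absolute so that a file name beginning with '-' or '@'
    cannot be read by gs as an option or as an argument file.
    """
    src = os.path.abspath(input_ps)
    dst = os.path.abspath(output_file)
    return [
        gs,
        "-dSAFER",                              # forbid deletefile/renamefile and file writes
        "-dBATCH", "-dNOPAUSE", "-dNOPROMPT",   # never drop into the interactive prompt
        "-sDEVICE=" + device,
        "-sOutputFile=" + dst,
        src,
    ]


def convert(input_ps, output_file, gs="gs"):
    """Run the conversion with stdin closed; returns the gs exit status."""
    if shutil.which(gs) is None:
        raise FileNotFoundError(gs)
    return subprocess.run(build_gs_argv(input_ps, output_file, gs=gs),
                          stdin=subprocess.DEVNULL, check=False).returncode
```

On a host where gs is installed, `convert("untrusted.ps", "out.pdf")` performs the conversion; the argv builder and version check work without gs present.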