From: Greg 'groggy' Lehey <grog@lemis.com>
To: Kris Kennaway
Cc: ports@FreeBSD.org, mita@FreeBSD.org, trevor@FreeBSD.org, dbader@eece.unm.edu
Date: Fri, 28 Mar 2003 12:30:25 +1030
Subject: Re: FORBIDDEN ports scheduled for removal
Message-ID: <20030328020025.GN72254@wantadilla.lemis.com>
In-Reply-To: <20030328014146.GK72254@wantadilla.lemis.com>
References: <20030328013119.GA17944@rot13.obsecurity.org> <20030328014146.GK72254@wantadilla.lemis.com>
Organization: The FreeBSD Project
Phone: +61-8-8388-8286
Fax: +61-8-8388-8725
Mobile: +61-418-838-708
WWW-Home-Page: http://www.FreeBSD.org/
X-PGP-Fingerprint: 9A1B 8202 BCCE B846 F92F 09AC 22E6 F290 507A 4223
List-Id: Porting software to FreeBSD (freebsd-ports@freebsd.org)
On Friday, 28 March 2003 at 12:11:46 +1030, Greg 'groggy' Lehey wrote:
> On Thursday, 27 March 2003 at 17:31:19 -0800, Kris Kennaway wrote:
>> Dear Port Maintainers,
>>
>> The following ports have been marked FORBIDDEN for at least 4 months
>> and are scheduled for removal after May 1 2003. Please check for any
>> updates to your ports and/or discuss the vulnerabilities with the
>> developers. If I do not hear anything from you before May 1 these
>> ports will be removed as scheduled.
>>
>> print/ghostview
>
> I wouldn't be happy to see this one go. If I could find the Bugtraq
> report, I'd take a look at fixing it.

OK, found it at http://www.securityfocus.com/bid/5808. Discussion says:

    gv is a freely available, open source Portable Document Format (PDF)
    and PostScript (PS) viewing utility. It is available for Unix and
    Linux operating systems.

    It has been reported that an insecure sscanf() function exists in
    gv. Due to this function, an attacker may be able to put malicious
    code in the %%PageOrder: portion of a file. When this malicious file
    is opened with gv, the code would be executed in the security
    context of the local user.

Note that this refers to gv, not ghostview. It's also incorrect with
ghostview 1.5. The binary doesn't contain a sscanf() function. I've
tried the exploit, and it didn't work. I'll check further, but I think
this one can be allowed again.

Greg
--
See complete headers for address and phone numbers
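The Bugtraq entry quoted above blames an unbounded sscanf() on the %%PageOrder: DSC comment. The following is an added example, not code from gv, ghostview or the FreeBSD ports tree: it shows the shape of that weak pattern beside a bounded parser for the same comment. The function names, the 32-byte limit, and the constructed overlong input are assumptions made for illustration; the three accepted values (Ascend, Descend, Special) are the ones the DSC specification defines for %%PageOrder:.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example, not gv's or ghostview's code. Names and sizes below are
 * assumptions chosen for illustration. */

#define PAGEORDER_MAX 32           /* longest value we are willing to store */
#define STR_(x) #x
#define XSTR(x) STR_(x)            /* turns 32 into "32" for the scanf width */

/* Weak pattern: "%s" carries no width, so a %%PageOrder: value longer
 * than the destination overruns it. Kept only to show the shape of the
 * bug the advisory describes; it must never be fed untrusted input. */
int parse_page_order_unsafe(const char *line, char out[PAGEORDER_MAX + 1])
{
    return sscanf(line, "%%%%PageOrder: %s", out) == 1;
}

/* Bounded parser: the width caps the write, %n reports where the
 * conversion stopped so a value that did not fit is rejected instead of
 * silently truncated, and the result is checked against the three
 * orders the DSC defines. Returns 1 and fills out on success, else 0. */
int parse_page_order_safe(const char *line, char *out, size_t outlen)
{
    char tmp[PAGEORDER_MAX + 1];
    int consumed = 0;

    if (outlen < sizeof tmp)
        return 0;
    if (sscanf(line, "%%%%PageOrder: %" XSTR(PAGEORDER_MAX) "s%n",
               tmp, &consumed) != 1)
        return 0;

    /* Anything but end-of-line/whitespace right after the token means the
     * value was longer than the width allowed: reject it. */
    if (line[consumed] != '\0' && !isspace((unsigned char)line[consumed]))
        return 0;

    if (strcmp(tmp, "Ascend") != 0 && strcmp(tmp, "Descend") != 0 &&
        strcmp(tmp, "Special") != 0)
        return 0;

    memcpy(out, tmp, strlen(tmp) + 1);
    return 1;
}

/* Convenience: parse one line and return the value from a static buffer,
 * or NULL if the line is not an acceptable %%PageOrder: comment. */
const char *page_order_of(const char *line)
{
    static char out[PAGEORDER_MAX + 1];
    return parse_page_order_safe(line, out, sizeof out) ? out : NULL;
}

/* Constructed sample input (not taken from any real file): a
 * %%PageOrder: line whose value runs to about 240 bytes, the kind of
 * line the advisory warns about. Returns 1 if the bounded parser
 * rejects it. */
int safe_rejects_overlong(void)
{
    char line[256];
    char out[PAGEORDER_MAX + 1];

    memset(line, 'A', sizeof line);
    memcpy(line, "%%PageOrder: ", 13);
    line[sizeof line - 1] = '\0';
    return parse_page_order_safe(line, out, sizeof out) == 0;
}

int main(void)
{
    const char *v = page_order_of("%%PageOrder: Ascend\n");
    printf("good line -> %s\n", v ? v : "(rejected)");
    printf("bad value -> %s\n",
           page_order_of("%%PageOrder: Bogus") ? "accepted" : "rejected");
    printf("overlong  -> %s\n",
           safe_rejects_overlong() ? "rejected" : "ACCEPTED (bug)");
    return 0;
}
```

The width specifier alone stops the overrun; the %n check is what turns a quietly truncated value into an error, and the whitelist means a viewer only ever acts on one of the three orders it actually understands. When checking whether a given binary carries this class of bug, as the message above does for ghostview 1.5, look for the unbounded form (a "%s" or "%[" conversion with no width) rather than for sscanf() as such.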