From: Kris Kennaway
To: Greg 'groggy' Lehey
Cc: ports@FreeBSD.org, sobomax@FreeBSD.org
Date: Fri, 28 Mar 2003 04:23:38 -0800
Subject: Re: FORBIDDEN ports scheduled for removal
List-Id: Porting software to FreeBSD
Message-ID: <20030328122338.GA20529@rot13.obsecurity.org>
In-Reply-To: <20030328020025.GN72254@wantadilla.lemis.com>

On Fri, Mar 28, 2003 at 12:30:25PM +1030, Greg 'groggy' Lehey wrote:
> OK, found it at http://www.securityfocus.com/bid/5808. Discussion
> says:
>
> gv is a freely available, open source Portable Document Format (PDF)
> and PostScript (PS) viewing utility. It is available for Unix and
> Linux operating systems.
>
> It has been reported that an insecure sscanf() function exists in
> gv. Due to this function, an attacker may be able to put malicious
> code in the %%PageOrder: portion of a file. When this malicious file
> is opened with gv, the code would be executed in the security
> context of the local user.
>
> Note that this refers to gv, not ghostview. It's also incorrect with
> ghostview 1.5. The binary doesn't contain a sscanf() function. I've
> tried the exploit, and it didn't work. I'll check further, but I
> think this one can be allowed again.

Seems reasonable. It looks like sobomax marked this port FORBIDDEN by
mistake.

Kris
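
A bounded way to parse the `%%PageOrder:` comment named in the quoted advisory, as an added example that is not part of this message and is not gv's or ghostview's source. It assumes the reported flaw is an unbounded `%s` conversion; the function name, enum and buffer size are hypothetical, and the sample lines in `main` are constructed.

```c
#include <stdio.h>
#include <string.h>

enum page_order { PO_NONE, PO_ASCEND, PO_DESCEND, PO_SPECIAL, PO_ATEND, PO_INVALID };

#define ORDER_MAX 15  /* must match the width in the sscanf format below */

/* Parse one line of a PostScript file. Returns PO_NONE when the line is not a
 * %%PageOrder: comment, and PO_INVALID when it is one but the value is missing,
 * over-long, or outside the DSC value set (Ascend, Descend, Special, (atend)). */
enum page_order parse_page_order(const char *line)
{
    static const char key[] = "%%PageOrder:";
    char value[ORDER_MAX + 1];
    int used = 0;

    if (strncmp(line, key, sizeof key - 1) != 0)
        return PO_NONE;
    line += sizeof key - 1;

    /* Assumed unsafe form: sscanf(line, "%s", value) copies a token of any
     * length into value. "%15s" stores at most ORDER_MAX bytes plus the NUL;
     * %n records where the conversion stopped so truncation can be detected. */
    if (sscanf(line, "%15s%n", value, &used) != 1)
        return PO_INVALID;                      /* no value on the line */
    if (line[used] != '\0' && strchr(" \t\r\n", line[used]) == NULL)
        return PO_INVALID;                      /* token exceeded the buffer */

    if (strcmp(value, "Ascend") == 0)  return PO_ASCEND;
    if (strcmp(value, "Descend") == 0) return PO_DESCEND;
    if (strcmp(value, "Special") == 0) return PO_SPECIAL;
    if (strcmp(value, "(atend)") == 0) return PO_ATEND;
    return PO_INVALID;                          /* reject anything else */
}

int main(void)
{
    /* Constructed sample lines: two legal, one unrelated, one over-long. */
    const char *samples[] = {
        "%%PageOrder: Ascend\n", "%%PageOrder: (atend)\n", "%%Pages: 3\n",
        "%%PageOrder: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%d <- %s", (int)parse_page_order(samples[i]), samples[i]);
    return 0;
}
```
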