Package: gnome-help
Version: 1.4.0.6-5
Severity: normal
Tags: security
mutt, (or the mime-types mechanism) has chosen gnome-help-browswer for
reading HTML attachments (if running under X) and one attachment I
received crashed it.
security: I don't know if this indicates a possible security problem given
that I don;'t have control of the content of email attachments
I include the offending HTML file (compressed now), (it appears to be
benign spam).
begin 644 naughty.html.gz
M'XL(`(<)_T(``^U<;7?:.!;^OK]"T^[LV9U3XS=>4V`/I;1-FX1,H$FG7WJ$
M+;"GMN6Q!$FZ._]]KRP;;,`%`LFVG7!.FV#+5_?EN5>/KMPV'>Y[[:9#L-UN
M,G[K$<1O0]+BY(:K%F/M$KDEHXA>[EMAIL PROTECTED]@^./
MO2.D:^'-<[EMAIL PROTECTED]>!5_^+T"$W#D$069N0YZO9/^A='Z.DX_B3/ONJ<
M'I_\=H1F)+)Q@)_AR,7>,X=X,\)="S]C.&`*(Y$[3F2_['7[%YWA<?_L"`4T
M(.A/U$EU//+<X#,H6C"PJ<8&MIO<Y?##;JKREZ9/.$8.YZ%"_IBZLU:7!IP$
M7!F")Y`EO[2>Q"X1[GJ.+`='C/#6M1O8])HINE$QGB1RTO&[EMAIL PROTECTED]
MOE^Z6;OXXZ.\V;BV:P6>C\U._2Z=S'SL>4NNXZY/V#,Y^$]4$A[;_-!F?\>R
MQ)-Y83?*W<4Y^EK%4F!85K6J:062T0;1ID4]&A7H>[EMAIL PROTECTED]<+HG?S1<H+\]S
M&0\CUR+;[EMAIL PROTECTED]"G8A.)XZ8YVMSI'YI-#2MT"^;W;)NBD/.@;E(
M&I<&,,>+3O?=ZXO^^[.72K:@V!4Q\`>L5;FR\?9BQF39^-"M0-E69=T>4?L6
MB;K1>JK%'S0[`>DM\'FU:IH(RV^O7C4:\,V+OVB::38::#3IBKP1-\4':B,>
M026RB.<-0FRYP:2EQ=_.L6W+;]>NS9U63:N`7R.;1"VMW;3=&<*>.PE:'AES
M4"P6DTI+Q\6"[EMAIL PROTECTED])XGM;3V18Q7([EMAIL
PROTECTED]'C!RA]+<GB1A+ZJO'GT29*ECB
MVJW.E-.SJ3\B41DYQ)TXO&7608D(_MC)4+-:S]X;@V?1&%ND=2FCBIC[A;2,
[EMAIL PROTECTED]"8D&L47\\)[EMAIL PROTECTED]"F4IK?EN":L,A$9M\12
M<Z2J>$2G7(QF=,Q+%O75?X?M:<"F(V9%[H@@GS15W$Z%J]S.VF'J63LV2CYO
MHZ;K3Q:Q8)&5#I\HKH\GA)6PC[_0('Y`7E%?JYJN!GBF0FHP&D",OQ!;M7#$
MKUWFJ)%00.$TA"&*3<9XZG'%*$T@;R4<X@&[EMAIL PROTECTED],1&7#:$O3A$VJ"%"*&!6@
M!&8*2,\C9WF8L99<C*18W[5M`:P4O7$)L.?0K.4E2V%Y3&Z#\'(&X8DJLTX\
M/UB<[EMAIL PROTECTED]:4<^KG+!)S;*^A7JFL%2RTF[O&-$6B9Y`#STR2)!*U
[EMAIL PROTECTED]"X4)*8FE4R)[EMAIL PROTECTED](%,<_G2R)>&4!X.7IU]AKKK6WT?BY
M,"+2F6#*(@<[EMAIL PROTECTED],,1<U1>]#K7'3?--51/N?R^$R,6(7W/?E5IMAF
MQZYJ&5_)HV)WK.E9K*68LN`C%H_E6"1#->WGS8++F=&;):_F7>XQ`A_+`H<S
MXA&+RS5R&GEPA88Q<Y`WB-T>0$F\QA&45GD'[EMAIL PROTECTED]
MS^3V&G1B,&9CJ:W/!<6$/@XP>)ZW7M.O@&$9"[EMAIL PROTECTED]'([EMAIL
PROTECTED]&U`E51E-`>*"P
M1/],D4VJX0Q[4R(FF=?XV`"X(%UFS%<,0X_+;[QN1?[7`51\913M6*KRT?JV
M:Z*L(_/B\#`%,K_0WV>=;*:UP`)>26#$:*O2*?V15M"$,P[[Y\"HT5GO"@V/
MAR>]P=P044C#?:OHX2.Q34G]:OU/*NN.%72K0K=+"=7NH81NG-28)YI9J'TY
[EMAIL PROTECTED]/2Z7;&33WAU_PP-.B<]=-:_^JD8>SD5RRDES[/JXAV!
MWM;7$W'=:[EMAIL PROTECTED];K1[\-^PRQHSZ/*#)@H[:R"SB(/4:Q/9MU_+R+S1V;PF[F
MW*&<,@[EMAIL PROTECTED](4TR]S%IMHM)5[+SASZ<BRC=CS7E?:[EMAIL PROTECTED]>:H
M=G\F51XJAW#[%6P:'73Z0610^7XRJ/I0UGQI=VE$//0RPM=(-^['FMH^<'NW
MB\5G-`(FBSH!=V=N-&4B1)7[`5S]H4+T=EX21,5&`Q*!S/L)5./A8`>4`3-T
MBF\QJJ(K/"/CB-^/4;KV4%992;G+V+'%4SNM#L>>-V4\PIQ&[EMAIL PROTECTED]@.0-!
MGXP%I6HW!:'*-L.6J=.22P>$(!_J!AK=(NZX#/DXF,)`/HT$-#,\20C>/9AK
M+Q\^7I?M4Q=6)G%A'[EMAIL PROTECTED]:[EMAIL
PROTECTED]"V[FQ-JGGCV09U_+3+B+5P^!SR[D
M"/5)Q&[EMAIL PROTECTED];K^\'EQ=M[A!&$(4?$7(Y\5FI5%KOS%W:*L6[Y95&[EMAIL
PROTECTED]
MI)M7$W9AL-\9I0'``5LD#EKL*,:$,5=T\E'/=N/6V"[EMAIL PROTECTED]
M],6;I1R]ZTE#&%&?"J68RB`<GTFD!N2:,/X)XB74SFS7ZT:Z7]?+<ZR(GI38
M]N4/GN;(">A5A+->BNWK.I0R<B0QM^KK]*'MN_PIYFHK.V.SLH4WQTN-3`*!
MTM>T,B]=<HWZ,?R&XDT&MJ:GN:@_<_/3XYC*UL=2[]IW:&BN!'>KCF9!$Y--
M1[[+2[;[EMAIL PROTECTED]"EJ;6^55N$4L_*3EE$*M4LF:7&CPN?I"M*\Z']]>
M=DN:7AI^E)_2[^%D7I'T;!KG[85$L#_%LJ0YJSFI[H;(N7O2V>N-M>=K*[C/
M]>A2+]33,S(S/[EMAIL PROTECTED]<1F'V@(5)I]$R\-U?7$O.^G*.*V2,WG^KD3[[^5&HZ1I
MA4O#WJ8<VHJTTB3J5QNE1F,A?3_5\YK_1J=H`!1]O?);[EMAIL PROTECTED]
M5W_^UVH(=DFKTSV.HV798"[EMAIL PROTECTED](&M96:-T'5SCGQ39I)8
M(>)E;M3NS+#KX9'KN?PV]AI*KD!2C8&Z'Y\-AIVS(8)M7>!1;/^4/MBETQ!J
M3Y?:TMLH>#>F57(RC0>D_".,79&X*>-,\<J,H$8##"4;7>[EMAIL PROTECTED])?R5Y_8
M=AD^`?;)@([EMAIL PROTECTED](%A&?!)P)JY/W%/Z;[EMAIL PROTECTED]>52[GL,EE3BTR17GF)
M.4&):WHW(<S/$J].)T#UD*DS_DSN];-VQIPL[YD.K/9BC4D9(KH@,UCK)+*S
MU=B(EZ$G%00&(#I&4)PYCMB37>[EMAIL PROTECTED]"H<,[EMAIL PROTECTED]/*E@(B!2J2A:
[EMAIL PROTECTED]&[EMAIL PROTECTED]&[EMAIL PROTECTED]@@G#PD_E^;\,00O.1&4@(&#
M;8+$RTO`31_JK9KX?"#W6LU\E:U4UAQ89&\N,]'E%G!W8*!+V0C>@W9^R&Q@
M'[EMAIL PROTECTED])V_[J4DRY33FT'REG7CZMOCP7E_'3>JWT:
M=$\3YODI2SW+Y4?JN3/UK#Q2S_\?]:PDU+.A[4L]IS\6]1Q_K%]9]G[$T_AV
MB.?I(_%<)9X;>:=XXV('UGFQD74FOZ\AGP7=V$T$<-&*S!^=+]J1@/H3&DP@
MC8*T-;D7.;QY[$D>D"#VOS6"6/_K$L1?]R&(6N6T/WP=$\0"<@@[EMAIL PROTECTED]
MRR3QRW*/+''!$HW:=\T2R]\U2S32!F5E7Y;XYL=BB<8'>O.FNQ]+-/<@B%?2
MID.QQ/>/+/$N[4G3,(U=>")[>)Z8?Q4Q1Q`O46W/?F'_L5]X(#J(OS4ZJ/]U
MZ>#Q/G2PVNC5WO4%'3Q9<T1=JSSV"1^/[EMAIL PROTECTED]&`,,?BP&&'5ZC%XZ6HX#
M)OZ15'`;#EC>@P,ZA^6`+Q\YX%TX8*U6K>W4+)QM2P+#XA/KK=YR+/RWJ,F_
0WX__JZ*__0\IP,[EMAIL PROTECTED]
`
end
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux clunker.homenet 2.4.18 #17 SMP Fri Jun 10 14:47:41 GMT-12 2005
i686
Locale: LANG=C, LC_CTYPE=C
Versions of packages gnome-help depends on:
ii gdk-imlib1 1.9.14-2woody2 Gdk-Imlib is an imaging library fo
ii gnome-core 1.4.0.6-5 Common files for Gnome core apps
ii libart2 1.4.1.4-3 The Gnome canvas widget - runtime
ii libaudiofile0 0.2.3-4 The Audiofile Library
ii libbz2-1.0 1.0.2-1.woody5 A high-quality block-sorting file
ii libc6 2.2.5-11.8 GNU C Library: Shared libraries an
ii libdb3 3.2.9-16 Berkeley v3 Database Libraries [ru
ii libesd0 0.2.23-3 Enlightened Sound Daemon - Shared
ii libglib1.2 1.2.10-4 The GLib library of C routines
ii libgnome32 1.4.1.4-3 The Gnome libraries
ii libgnomesupport0 1.4.1.4-3 The Gnome libraries (Support libra
ii libgnomeui32 1.4.1.4-3 The Gnome libraries (User Interfac
ii libgnorba27 1.4.1.4-3 Gnome CORBA services
ii libgtk1.2 1.2.10-11 The GIMP Toolkit set of widgets fo
ii libgtkxmhtml1 1.4.1.4-3 The Gnome gtkxmhtml (HTML) widget
ii libjpeg62 6b-5 The Independent JPEG Group's JPEG
ii liborbit0 0.5.16-1 Libraries for ORBit - a CORBA ORB
ii libpng2 1.0.12-3.woody.9 PNG library - runtime
ii libtiff3g 3.5.5-6.woody5 Tag Image File Format library
ii libungif4g 4.1.0b1-2 shared library for GIF images (run
ii libwrap0 7.6-9 Wietse Venema's TCP wrappers libra
ii xlibs 4.1.0-16woody6 X Window System client libraries
ii zlib1g 1:1.1.4-1.0woody0 compression library - runtime
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
