Your message dated Thu, 10 Feb 2011 21:08:42 +0000
with message-id <[email protected]>
and subject line Bug#612032: fixed in tesseract 2.04-2.1
has caused the Debian Bug report #612032,
regarding vulnerability: rewrite arbitrary user file
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
612032: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612032
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: tesseract
Version: 2.04-2
Severity: grave
Tags: security
Justification: user security hole
User: [email protected]
Usertags: origin-ubuntu natty
This bug report was also filed in Ubuntu and can be found at
http://launchpad.net/bugs/607297
The description, from segooon, follows:
Hi, I've just discovered that tesseract-ocr is vulnerable to rewriting any user
file:
DEBUG_WIN::DEBUG_WIN( //constructor
....
length +=
sprintf (command + length,
"\"stty opost; tty >/tmp/debug%d; while [ -s /tmp/debug%d ]\ndo\nsleep
1\ndone\" &\n",
pid, pid);
Here attacker can create link to any file in the system that user may write to.
The only he has to know - the pid of process. As it is (last PID + 1) by
default, it is not difficult to guess.
Thanks.
-- System Information:
Debian Release: squeeze/sid
APT prefers natty
APT policy: (500, 'natty')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.37-12-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: tesseract
Source-Version: 2.04-2.1
We believe that the bug you reported is fixed in the latest version of
tesseract, which is due to be installed in the Debian FTP archive:
tesseract-ocr-dev_2.04-2.1_i386.deb
to main/t/tesseract/tesseract-ocr-dev_2.04-2.1_i386.deb
tesseract-ocr_2.04-2.1_i386.deb
to main/t/tesseract/tesseract-ocr_2.04-2.1_i386.deb
tesseract_2.04-2.1.diff.gz
to main/t/tesseract/tesseract_2.04-2.1.diff.gz
tesseract_2.04-2.1.dsc
to main/t/tesseract/tesseract_2.04-2.1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jakub Wilk <[email protected]> (supplier of updated tesseract package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 10 Feb 2011 16:35:45 +0100
Source: tesseract
Binary: tesseract-ocr tesseract-ocr-dev
Architecture: source i386
Version: 2.04-2.1
Distribution: unstable
Urgency: low
Maintainer: Jeffrey Ratcliffe <[email protected]>
Changed-By: Jakub Wilk <[email protected]>
Description:
tesseract-ocr - Command line OCR tool
tesseract-ocr-dev - Development files for the tesseract command line OCR tool
Closes: 612032
Changes:
tesseract (2.04-2.1) unstable; urgency=low
.
* Non-maintainer upload.
* Bump build-dependency on quilt to >= 0.46-7~.
* Disable xterm-based debug windows (closes: #612032, LP: #607297). Thanks
to Kees Cook for the bug report.
Checksums-Sha1:
748972b1b1ffddbde57a78601bac73c1b3dcb68c 1752 tesseract_2.04-2.1.dsc
0294dc71596c8344261172d6ec13981ea357a185 8478 tesseract_2.04-2.1.diff.gz
9373a2d8fd28431461d3fd9bb4ad839b2f1ef827 996422 tesseract-ocr_2.04-2.1_i386.deb
876b64018b16b024ba7feeeb71c984b813d92599 2301434
tesseract-ocr-dev_2.04-2.1_i386.deb
Checksums-Sha256:
553c030c46d59f185fd1555d0cf6d463be8a202be54a382b4255afb67c25b3c9 1752
tesseract_2.04-2.1.dsc
1136db24a3b8e5272e419e24e12396a306e46fd947817e98cffa19f1ee6ea40d 8478
tesseract_2.04-2.1.diff.gz
53d53500347db487dd8124be25f48e4b2d4aebdd37b339950d25c72f0bc5dec6 996422
tesseract-ocr_2.04-2.1_i386.deb
d26dcc3c9a26566330890d99d7d0eaa6c84dd732cfff21f1913679f555219396 2301434
tesseract-ocr-dev_2.04-2.1_i386.deb
Files:
6a35f447de7093b5cf8d83dab7892e11 1752 graphics optional tesseract_2.04-2.1.dsc
beeecece541d8aa973c8adc5a40add6f 8478 graphics optional
tesseract_2.04-2.1.diff.gz
8171ec2f9be49945149339e94f747724 996422 graphics optional
tesseract-ocr_2.04-2.1_i386.deb
3426f743005c42b5deabe1b841de9bdd 2301434 graphics optional
tesseract-ocr-dev_2.04-2.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCAAGBQJNVBF0AAoJEC1Os6YBVHX1eUUP/2I+tZ+r5HXhSrWV6gKhfpor
P+QQAEck1yJAD45Kdf5k+/d2USE5rrLHQI/WIqSdyn3/AkCPy3IdSsJylzhhr4xz
bkPpkRkw87RNWNeltBfa8gGBA8EouaR+qwaF1Ats391GW/kIWi445+tly7wdYldO
92TPRPDt7ztArzndFITnCti0DNF57DvBIxkkZgEFlVIB4HCfRJLX9mAbOy0zWrkx
dn37sxH964Y82jkK5xqefb2LKcRJ4PUhvfEQwMJC6/p/Fn71J4QRGh7iR4tBAoJK
Id9c61P5hbIZr2shEemnonw9Cc/DsdCaLiBRDdoivVsvaEONQzIEU0t8bVgSfipd
9wZ246rY7II4CAwOG8PuRuYd1Smz0Tu0F2YgJcRYLWC4uSHSB9DHEmjfZHQ12GXc
3G3sg759acF8u6elhRIvftpAWHkTm2dEqfo3YlFXUvjEB47R50xDwu1XDzt3eMJM
f2pV0/4DzVDGj/shj0IUdWrOAR96VeN3KgZAdbdfgkg7RunrFeLJHj/hOVyCa2yT
sLjxawwsgY1kAGOBRisozHJ/o9rKoD5rN+3Ce54WsnmnAIb55GFyhMSU3yEFN8AG
lLv4OiQuM5WbG172W3rrXYDsuYxWzt9P9iUWHRUC5C95bdS2eI+5UNEs53WdvFCp
PUERVAYW8RCGTWoucNzi
=sKQZ
-----END PGP SIGNATURE-----
--- End Message ---
