From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/34564 Path: main.gmane.org!not-for-mail From: Maciej Matysiak Newsgroups: gmane.emacs.gnus.general Subject: oort gnus gets frozen. Date: 06 Feb 2001 01:36:41 +0100 Sender: owner-ding@hpc.uh.edu Message-ID: NNTP-Posting-Host: coloc-standby.netfonds.no Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Trace: main.gmane.org 1035170469 31108 80.91.224.250 (21 Oct 2002 03:21:09 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Mon, 21 Oct 2002 03:21:09 +0000 (UTC) Return-Path: Original-Received: from karazm.math.uh.edu (karazm.math.uh.edu [129.7.128.1]) by mailhost.sclp.com (Postfix) with ESMTP id C287FD049D for ; Mon, 5 Feb 2001 22:24:32 -0500 (EST) Original-Received: from sina.hpc.uh.edu (lists@Sina.HPC.UH.EDU [129.7.3.5]) by karazm.math.uh.edu (8.9.3/8.9.3) with ESMTP id VAC10693; Mon, 5 Feb 2001 21:23:04 -0600 (CST) Original-Received: by sina.hpc.uh.edu (TLB v0.09a (1.20 tibbs 1996/10/09 22:03:07)); Mon, 05 Feb 2001 21:22:18 -0600 (CST) Original-Received: from epithumia.math.uh.edu (IDENT:root@epithumia.math.uh.edu [129.7.128.2]) by sina.hpc.uh.edu (8.9.3/8.9.3) with ESMTP id VAA29273 for ; Mon, 5 Feb 2001 21:22:07 -0600 (CST) Original-Received: (from tibbs@localhost) by epithumia.math.uh.edu (8.9.3/8.9.3) id VAA00730 for ding@hpc.uh.edu; Mon, 5 Feb 2001 21:22:38 -0600 Original-Received: from mailhost.sclp.com (postfix@66-209.196.61.interliant.com [209.196.61.66] (may be forged)) by sina.hpc.uh.edu (8.9.3/8.9.3) with ESMTP id SAA28308 for ; Mon, 5 Feb 2001 18:56:36 -0600 (CST) Original-Received: from arch.wsc.pl (arch.wsc.pl [212.244.254.222]) by mailhost.sclp.com (Postfix) with SMTP id B8C4FD049D for ; Mon, 5 Feb 2001 19:56:46 -0500 (EST) Original-Received: (qmail 20711 invoked by uid 666); 6 Feb 2001 00:56:37 -0000 Original-To: ding list X-Kibology: Reach out with your sixth sense and know the television. X-Url: http://phoner.blah.pl/ User-Agent: Gnus/5.090001 (Oort Gnus v0.01) XEmacs/21.1 (Capitol Reef) Precedence: list X-Majordomo: 1.94.jlt7 Original-Lines: 63 Xref: main.gmane.org gmane.emacs.gnus.general:34564 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:34564 --=-=-= latest (one hour old or so) cvs oort gnus freezes when i try to read the following message: (that's a msg from bugtraq, from Valentin Nechayev , Message-ID: <20010205104036.A3465@lucky.net>) --=-=-= Content-Type: application/octet-stream Content-Disposition: attachment; filename=99 Content-Description: bogus message Return-Path: Delivered-To: phoner@mail.wsc.com.pl Received: (qmail 32106 invoked by uid 504); 5 Feb 2001 19:37:56 -0000 Delivered-To: v-blah-phoner@BLAH.PL Received: (qmail 32103 invoked by uid 0); 5 Feb 2001 19:37:56 -0000 Received: from lists.securityfocus.com (66.38.151.7) by ogryzek.wsc.pl with SMTP; 5 Feb 2001 19:37:56 -0000 Received: from lists.securityfocus.com (lists.securityfocus.com [66.38.151.7]) by lists.securityfocus.com (Postfix) with ESMTP id 5FAE224CFA5; Mon, 5 Feb 2001 10:53:36 -0700 (MST) Received: from LISTS.SECURITYFOCUS.COM by LISTS.SECURITYFOCUS.COM (LISTSERV-TCP/IP release 1.8d) with spool id 24852203 for BUGTRAQ@LISTS.SECURITYFOCUS.COM; Mon, 5 Feb 2001 10:53:19 -0700 Approved-By: beng@SECURITYFOCUS.COM Delivered-To: bugtraq@lists.securityfocus.com Received: from securityfocus.com (mail.securityfocus.com [66.38.151.9]) by lists.securityfocus.com (Postfix) with SMTP id 5E95924C56F for ; Mon, 5 Feb 2001 01:37:46 -0700 (MST) Received: (qmail 13463 invoked by alias); 5 Feb 2001 08:37:54 -0000 Delivered-To: BUGTRAQ@SECURITYFOCUS.COM Received: (qmail 13460 invoked from network); 5 Feb 2001 08:37:53 -0000 Received: from burka.carrier.kiev.ua (193.193.193.107) by mail.securityfocus.com with SMTP; 5 Feb 2001 08:37:53 -0000 Received: from netch@localhost by burka.carrier.kiev.ua id KPQ04940; Mon, 5 Feb 2001 10:40:36 +0200 (EET) (envelope-from netch) Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: quoted-printable X-Mailer: Mutt 1.0i X-42: On X-Gnus-Mail-Source: maildir:/mnt/3/phoner/Maildir/new Message-ID: <20010205104036.A3465@lucky.net> Date: Mon, 5 Feb 2001 10:40:36 +0200 Reply-To: netch@lucky.net Sender: Bugtraq List From: Valentin Nechayev Subject: Re: m4 format string vulnerability To: BUGTRAQ@SECURITYFOCUS.COM Lines: 75 Xref: ogryzek bugtraq-l-2001-02:99 > > confirmed for red hat linux 7.0: > > [kerouac:mg:~]m4 -G %x All folks tests it with -G, but it is not really needed. FreeBSD ports: netch@iv:~>gm4 -G %x gm4: bfbffb8c: No such file or directory netch@iv:~>gm4 %x gm4: bfbffb8c: No such file or directory netch@iv:~>gm4 %d gm4: -1077937268: No such file or directory netch@iv:~>gm4 %s gm4: o=FC=BF=BF=84=FC=BF=BF=9E=FC=BF=BF=B3=FC=BF=BF=CA=FC=BF=BF=E5=FC=BF=BF= =F1=FC=BF=BF=FA=FC=BF=BF=FD=BF=BF=1C=FD=BF=BF6=FD=BF=BFK=FD=BF=BFe=FD=BF=BF= s=FD=BF=BF{=FD=BF=BF=91=FD=BF=BF=AB=FD=BF=BF=B9=FD=BF=BF=CB=FD=BF =BF=D8=FD=BF=BF=EE=FD=BF=BFe=FE=BF=BFx=FE=BF=BF=90=FE=BF=BF: No such file o= r directory (port is m4-1.4) RH 7.0: netch@yacc:~>m4 %x m4: 80499d9: No such file or directory netch@yacc:~>m4 %d m4: 134519257: No such file or directory RH 6.2: netch@sleipnir:~>m4 %x m4: 401081cc: No such file or directory netch@sleipnir:~>rpm -q m4 m4-1.4-12 and so on. Possibly all GNU versions are vulnerable. Patch against this (tabs are broken by cut-and-paste): --- src/m4.c.orig Wed Nov 2 05:14:28 1994 +++ src/m4.c Mon Feb 5 10:36:17 2001 @@ -466,7 +466,7 @@ fp =3D path_search (argv[optind]); if (fp =3D=3D NULL) { - error (0, errno, argv[optind]); + error (0, errno, "%s", argv[optind]); continue; } else Another the only bad usage of error(): m4.c:372: error (0, errno, optarg); part of code: =3D=3D=3D{{{ case 'o': if (!debug_set_output (optarg)) error (0, errno, optarg); break; =3D=3D=3D}}} patch is of the same idea. > > m4: 80499d9: Datei oder Verzeichnis nicht gefunden > > [kerouac:mg:~]cat /etc/redhat-release > > Red Hat Linux release 7.0 (Guinness) > > [kerouac:mg:~]rpm -q m4 > > m4-1.4.1-3 /netch --=-=-= the cpu load gets very high (well, on my p120), i just have to kill xemacs. on my console, from which startx is run, i can find then: ,---- | current stat is :3 | | Lisp backtrace follows: | | mm-decode-coding-region(2049 3686 koi8-r) | # bind (coding-system) | # (unwind-protect ...) | # bind (type encoding charset) | mm-decode-body("koi8-r" quoted-printable "text/plain") | # (unwind-protect ...) | # (unwind-protect ...) | # bind (inhibit-point-motion-hooks case-fold-search buffer-read-only | # mail-parse-charset mail-parse-ignored-charsets ct cte ctl charset format | # prompt) | article-decode-charset() | run-hooks(article-decode-charset) | # bind (do-update-line sparse-header group article) | gnus-request-article-this-buffer(99 "nnml:bugtraq-l-2001-02") | # bind (buffer-read-only) | # (unwind-protect ...) | # bind (result group gnus-tmp-internal-hook summary-buffer gnus-article) | # (unwind-protect ...) | # bind (header all-headers article) | gnus-article-prepare(99 nil) | # bind (all-header article) | gnus-summary-display-article(99 nil) | # (unwind-protect ...) | # bind (article all-headers gnus-summary-display-article-function article | # pseudo force all-headers) | gnus-summary-select-article(nil nil pseudo) | # bind (lines) | gnus-summary-scroll-up(1) | # bind (command-debug-status) | call-interactively(gnus-summary-scroll-up) | # (condition-case ... . error) | # (catch top-level ...) | | current stat is :1 | current stat is :2 | xinit: connection to X server lost. `---- the message has: Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: quoted-printable but it looks like it should have charset=us-ascii. waiting for fix, m.m. -- use gnus not guns! --=-=-=--