From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Jun 20 02:50:19 2003
Message-Id: <20030620.184459.35472975.rushani@FreeBSD.org>
Date: Fri, 20 Jun 2003 18:44:59 +0900 (JST)
From: Hideyuki KURASHINA
To: FreeBSD-gnats-submit@FreeBSD.org
cc: DougB@FreeBSD.org
Subject: ports/53546: Update port: graphics/xpdf (includes security fix)
Resent-Date: Fri, 20 Jun 2003 02:50:18 -0700 (PDT)
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org

>Number:         53546
>Category:       ports
>Synopsis:       Update port: graphics/xpdf (includes security fix)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jun 20 02:50:17 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Hideyuki KURASHINA
>Release:        FreeBSD 4.8-STABLE i386
>Organization:
>Environment:
System: FreeBSD ***.*******.jp 4.8-STABLE FreeBSD 4.8-STABLE #1: Tue Jun 17 21:39:02 JST 2003
>Description:
Similar to ports/53479, xpdf before 2.02pl1 contains a vulnerability that makes it possible to construct a malicious URL link in a PDF file which causes an arbitrary command to be run.

From xpdf 2.02pl1, the characters allowed in URL strings are governed by a stricter policy. Earlier releases filtered single quotation marks (') and double quotation marks ("), but not back-quotation marks (`).

See the following references for details.

Xpdf, Current version
http://www.foolabs.com/xpdf/download.html

[Full-Disclosure] -10Day CERT Advisory on PDF Files
http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html

Xpdf Information for VU#200132
http://www.kb.cert.org/vuls/id/IAFY-5MQRU8

>How-To-Repeat:
N/A (I couldn't reproduce this vulnerability).
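The deny-list gap the description names (quotes filtered, backtick not) beside an allow-list check, as an added example written for this report and not xpdf's own code; the allowed punctuation set and the build_url_command helper are assumptions, not the actual list xpdf 2.02pl1 uses. It goes one step beyond the report by pairing the allow-list with single-quote wrapping, which is why the single quote is kept out of the allowed set.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Deny-list check as described for xpdf before 2.02pl1: only ' and " are
   rejected, so a backtick (shell command substitution) is passed through
   untouched to whatever command the URL is handed to. */
bool url_ok_denylist(const char *url) {
    for (const char *p = url; *p; ++p)
        if (*p == '\'' || *p == '"') return false;
    return true;
}

/* Allow-list check in the spirit of the 2.02pl1 change. The set is an
   assumption for this example, not xpdf's list: letters, digits and common
   URL punctuation. The single quote is deliberately absent so the caller
   can wrap the URL in single quotes, which neutralises every other shell
   metacharacter that is still allowed here (such as '&'). */
static const char URL_PUNCT[] = "-._~:/?#@&=+%";

bool url_ok_allowlist(const char *url) {
    if (*url == '\0') return false;
    for (const char *p = url; *p; ++p)
        if (!isalnum((unsigned char)*p) && !strchr(URL_PUNCT, *p))
            return false;
    return true;
}

/* Compose "<cmd> '<url>'" for system(3). Returns false and leaves out
   empty if the URL fails the allow-list or the buffer is too small. */
bool build_url_command(const char *cmd, const char *url,
                       char *out, size_t outlen) {
    if (!url_ok_allowlist(url)) {
        if (outlen) out[0] = '\0';
        return false;
    }
    int n = snprintf(out, outlen, "%s '%s'", cmd, url);
    if (n < 0 || (size_t)n >= outlen) {
        if (outlen) out[0] = '\0';
        return false;
    }
    return true;
}
```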
>Fix: Update xpdf port as follows; Index: Makefile =================================================================== RCS file: /home/ncvs/ports/graphics/xpdf/Makefile,v retrieving revision 1.49 diff -u -r1.49 Makefile --- Makefile 7 Apr 2003 00:43:45 -0000 1.49 +++ Makefile 20 Jun 2003 08:05:45 -0000 @@ -6,7 +6,7 @@ # PORTNAME= xpdf -PORTVERSION= 2.02 +PORTVERSION= 2.02pl1 CATEGORIES= graphics print MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \ ${MASTER_SITE_TEX_CTAN} Index: distinfo =================================================================== RCS file: /home/ncvs/ports/graphics/xpdf/distinfo,v retrieving revision 1.20 diff -u -r1.20 distinfo --- distinfo 7 Apr 2003 00:43:45 -0000 1.20 +++ distinfo 20 Jun 2003 08:06:15 -0000 @@ -1 +1 @@ -MD5 (xpdf-2.02.tar.gz) = fb54402d98fb834e5778163cfc238b44 +MD5 (xpdf-2.02pl1.tar.gz) = e2932bb0f844d8318c940350c2aa2eb6 >Release-Note: >Audit-Trail: >Unformatted:
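Review bot: Before relying on the PORTVERSION change from 2.02 to 2.02pl1 to drive upgrades, confirm that the version comparison in pkg_version treats 2.02pl1 as newer than 2.02 (it recognises a "pl" patch-level suffix); because the version string itself changes, no PORTREVISION bump is needed. With MASTER_SITES still listing both ftp.foolabs.com and ${MASTER_SITE_TEX_CTAN}, also check that xpdf-2.02pl1.tar.gz is actually present on the CTAN mirror, otherwise only the foolabs site will serve the fixed distfile.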
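Review bot: Regenerate rather than copy the new MD5 for xpdf-2.02pl1.tar.gz: the checksum in the distinfo hunk is the port's only integrity check on the distfile, so the committer should run `make makesum` against a fresh fetch from the primary site and compare the result with the value given here (e2932bb0f844d8318c940350c2aa2eb6) instead of taking it from the report. The commit log should also reference VU#200132 so the security fix is discoverable from the ports history.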