Comment 7 for bug 13779

Branden Robinson (branden) wrote: xfree86 4.1.0-16woody6 available to fix CAN-2005-0605

The following URL contains source and binary packages for powerpc resolving
CAN-2005-0605[1], which is described as:

  The XPM library's scan.c file may allow attackers to execute arbitrary code
  by crafting a malicious XPM image file containing a negative bitmap_unit
  value that provokes a buffer overflow.

http://redwald.deadbeast.net/tmp/CAN-2005-0605/

I'm attaching a GPG-signed file, MD5SUMS.txt, that you can use to verify
the download.

This package makes two changes:

1) It applies the purported fix for CAN-2005-0605. I know of no exploit
   for this vulnerability, so I was unable to test this.
2) It fixes the regression in XPM file-writing introduced by the fix for
   CAN-2004-0914 (in -16woody5). I confirmed that saving XPM files in a
   woody environment with -16woody5 with the GIMP didn't work, and that
   upgrading to -16woody6 restored the functionality.

Please also find at the above URL:
* my package build log, xfree86_4.1.0-16woody6_powerpc.build; I built in a
  clean, up-to-date woody chroot
* xfree86_4.1.0-16woody6_qa_install_purge.typescript, a transcript of
  installing and purging these packages in a woody chroot
* xfree86_4.1.0-16woody6_qa_upgrade_downgrade.typescript, a transcript of
  upgrading these packages from -16woody5 and downgrading them back to
  -16woody5 in a woody chroot
* test-x11-packages, the shell script I used to automate the above QA tests

Please let me know if you require anything else regarding this
vulnerability.

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605

--
G. Branden Robinson | Somewhere, there is a .sig so funny
Debian GNU/Linux | that reading it will cause an
<email address hidden> | aneurysm. This is not that .sig.
http://people.debian.org/~branden/ |
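
The CVE description quoted in the comment above turns on a signed `bitmap_unit` field going negative. The following C sketch is an added example, not part of the original message and not libXpm's code or its patch; it shows how an upper-bound-only check lets a negative value through and turns it into an oversized copy length, next to a strict check. All function names, the scratch size and the sample bytes are assumptions made for illustration.

```c
/* Added illustration, not libXpm code; every name here is hypothetical. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SCRATCH_BYTES 4 /* room for one 32-bit bitmap unit */

/* Weak check: upper bound only, so every negative value is accepted. */
static int unit_ok_weak(int bitmap_unit) {
    return bitmap_unit <= 32;
}

/* Strict check: X11 images use a bitmap_unit of 8, 16 or 32 and nothing else. */
static int unit_ok_strict(int bitmap_unit) {
    return bitmap_unit == 8 || bitmap_unit == 16 || bitmap_unit == 32;
}

/* Length a copy would use once the signed field is converted to a size. */
static size_t unit_copy_len(int bitmap_unit) {
    return (size_t)(bitmap_unit / 8);
}

/* Copy one unit into a fixed scratch buffer; returns bytes copied or -1. */
static int copy_unit(unsigned char *scratch, const unsigned char *src,
                     size_t src_len, int bitmap_unit) {
    size_t n;
    if (!unit_ok_strict(bitmap_unit))
        return -1;
    n = unit_copy_len(bitmap_unit);
    if (n > SCRATCH_BYTES || n > src_len)
        return -1;
    memcpy(scratch, src, n);
    return (int)n;
}

int main(void) {
    const unsigned char row[4] = { 0x01, 0x02, 0x03, 0x04 }; /* constructed */
    const int units[] = { 8, 16, 32, 0, -8, 64 };
    unsigned char scratch[SCRATCH_BYTES];
    size_t i;
    for (i = 0; i < sizeof units / sizeof units[0]; i++)
        printf("unit=%3d weak=%d strict=%d len=%zu copied=%d\n", units[i],
               unit_ok_weak(units[i]), unit_ok_strict(units[i]),
               unit_copy_len(units[i]), copy_unit(scratch, row, 4, units[i]));
    return 0;
}
```

For `bitmap_unit = -8` the weak check passes and the converted length is the largest `size_t` value, which is why the field is validated against the allowed set before any size is derived from it.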