Fabre

#987424 mgetty-viewfax has mailcap entries with quoted %-escapes #987424

Package:: mgetty-viewfax

Source:: mgetty

Description:: Program for displaying Group-3 Fax files under X

Submitter:: Marriott NZ

Date:: 2021-04-23 17:21:03 UTC

Severity:: normal

Tags:

#987424#5

Date:: 2021-04-23 17:18:09 UTC

From:

To:

Dear Maintainer,
the mgetty-viewfax package has mailcap entries with quoted %-escapes. That is considered unsafe. Proper escaping should be left to the programs using the entry.

This Lintian tag is triggered:
https://lintian.debian.org/tags/quoted-placeholder-in-mailcap-entry.html

See also grave bug #930908, which was recently closed because "a Lintian test already exists":
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930908

I'm using the "security" tag because the affected rules in combination with certain mail user agents (or document openers) are the cause of a shell command injection vulnerability.

/usr/lib/mime/packages/mgetty-viewfax should be changed from:

 image/fax; viewfax '%s'; test=test -n "$DISPLAY"; description="Fax file"
 image/fax-g3; viewfax '%s'; test=test -n "$DISPLAY"; description="G3-encoded Fax file"
 image/fax-g4; viewfax '%s'; test=test -n "$DISPLAY"; description="G4-encoded Fax file"

to:

 image/fax; viewfax %s; test=test -n "$DISPLAY"; description="Fax file"
 image/fax-g3; viewfax %s; test=test -n "$DISPLAY"; description="G3-encoded Fax file"
 image/fax-g4; viewfax %s; test=test -n "$DISPLAY"; description="G4-encoded Fax file"

If you need more information let me know.

Thanks,
MNZ

#987424 mgetty-viewfax has mailcap entries with quoted %-escapes #987424

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)