624708 – (CVE-2017-2820) <app-text/poppler-0.57.0-r1: Integer overflow in the JPEG 2000 image parsing functionality

Bug 624708 (CVE-2017-2820) - <app-text/poppler-0.57.0-r1: Integer overflow in the JPEG 2000 image parsing functionality

Summary: <app-text/poppler-0.57.0-r1: Integer overflow in the JPEG 2000 image parsing ...

Status:	RESOLVED FIXED

Alias:	CVE-2017-2820

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal major (vote)
Assignee:	Gentoo Security

URL:	https://bugzilla.redhat.com/show_bug....
Whiteboard:	A2 [glsa+ cve]
Keywords:

Depends on:	CVE-2017-9083
Blocks:
	Show dependency tree

Reported:	2017-07-12 15:26 UTC by Agostino Sarubbo
Modified:	2018-01-17 13:43 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2017-07-12 15:26:00 UTC

From ${URL} :

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler. A specially crafted PDF file can lead to an integer overflow causing out of 
bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.

External References:

https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0321


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.

Comment 1 Yury German Gentoo Infrastructure

2017-08-10 07:23:12 UTC

setting dependency to stabilization bug.

Comment 2 Michael Palimaka (kensington) gentoo-dev

2017-09-21 13:03:29 UTC

Removing dependency, there's no evidence that this is fixed.

Comment 3 Larry the Git Cow gentoo-dev

2017-11-24 23:07:52 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b0f7e72d6950013ea98f65116dc44cedd8923dd5

commit b0f7e72d6950013ea98f65116dc44cedd8923dd5
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2017-11-24 22:55:47 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2017-11-24 23:06:22 +0000

    app-text/poppler: Fix CVE-2017-{2820,9083}
    
    Bug: https://bugs.gentoo.org/619558
    Bug: https://bugs.gentoo.org/624708
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 .../poppler-0.57.0-disable-internal-jpx.patch      | 25 ++++++++++++++++++++++
 app-text/poppler/poppler-0.57.0-r1.ebuild          |  1 +
 2 files changed, 26 insertions(+)}

Comment 4 Larry the Git Cow gentoo-dev

2017-12-20 23:08:23 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=25a02f548c6203536c02e119b06d16a80be7fc73

commit 25a02f548c6203536c02e119b06d16a80be7fc73
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2017-12-20 23:07:07 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2017-12-20 23:07:55 +0000

    app-text/poppler: Fix CVE-2017-{2820,9083}
    
    Bug: https://bugs.gentoo.org/619558
    Bug: https://bugs.gentoo.org/624708
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 app-text/poppler/poppler-0.61.1.ebuild | 1 +
 app-text/poppler/poppler-0.62.0.ebuild | 1 +
 app-text/poppler/poppler-9999.ebuild   | 1 +
 3 files changed, 3 insertions(+)}

Comment 5 Aaron Bauman (RETIRED) gentoo-dev

2018-01-15 23:12:07 UTC

Added to existing GLSA.

Comment 6 GLSAMaker/CVETool Bot gentoo-dev

2018-01-17 13:43:33 UTC

This issue was resolved and addressed in
 GLSA 201801-17 at https://security.gentoo.org/glsa/201801-17
by GLSA coordinator Aaron Bauman (b-man).