From ${URL} :

There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=1683499

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Patch: https://git.savannah.gnu.org/cgit/pspp.git/commit/?id=0b842a84353790534a401e09a8d3bdd3d25bc3a6

@Maintainer(s), please let us know if you can apply this patch, or create a new ebuild.
We've got another one patched in 2.3.0.

2) CVE-2018-20230
Description:
"An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact."

@Maintainers: please advise if it's possible to make a new ebuild to 2.3.0.
(In reply to Sam James from comment #2)
> We've got another one patched in 2.3.0.
>
> 2) CVE-2018-20230
> Description:
> "An issue was discovered in PSPP 1.2.0. There is a heap-based buffer
> overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c,
> which allows attackers to cause a denial of service (application crash) or
> possibly have unspecified other impact."

Patch: https://git.savannah.gnu.org/cgit/pspp.git/commit/?id=abd1f816ca3b4f382bddf4564ad092aa934f0ccc
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e42197fcabcd1372267affa74297e1e9c19c092

commit 2e42197fcabcd1372267affa74297e1e9c19c092
Author:     John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-10-04 16:38:32 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2020-10-04 16:38:32 +0000

    sci-mathematics/pspp: Add security patches

    This fixes several QA issues, adds a missing dependency,
    fixes compiling with GCC 10, fixes tests, and adds patches
    for security.

    Bug: https://bugs.gentoo.org/679392
    Closes: https://bugs.gentoo.org/674362
    Closes: https://bugs.gentoo.org/677282
    Closes: https://bugs.gentoo.org/682342
    Closes: https://bugs.gentoo.org/708548
    Package-Manager: Portage-3.0.0, Repoman-2.3.23
    Signed-off-by: John Helmert III <jchelmert3@posteo.net>
    Closes: https://github.com/gentoo/gentoo/pull/16785
    Signed-off-by: David Seifert <soap@gentoo.org>

 .../pspp/files/pspp-1.2.0-CVE-2018-20230.patch | 134 +++++++++++++++++++++
 .../pspp/files/pspp-1.2.0-CVE-2019-9211.patch | 74 ++++++++++++
 .../pspp/files/pspp-1.2.0-fix-gcc10.patch | 30 +++++
 .../pspp/files/pspp-1.2.0-fix-overflow.patch | 32 +++++
 .../pspp/files/pspp-1.2.0-fix-segfaults.patch | 45 +++++++
 .../pspp/files/pspp-1.2.0-fix-tests.patch | 61 ++++++++++
 sci-mathematics/pspp/files/pspp-1.2.0-py3.patch | 38 ++++++
 sci-mathematics/pspp/pspp-1.2.0-r1.ebuild | 112 +++++++++++++++++
 8 files changed, 526 insertions(+)
x86 stable
amd64 done

all arches done
Resetting sanity check; package list is empty or all packages are done.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65b93994396ad5d40389327728e3457b24c29d61

commit 65b93994396ad5d40389327728e3457b24c29d61
Author:     John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-11-26 19:19:45 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2020-11-26 19:41:31 +0000

    sci-mathematics/pspp: security cleanup (<1.2.0-r1)

    Bug: https://bugs.gentoo.org/679392
    Package-Manager: Portage-3.0.10, Repoman-3.0.2
    Signed-off-by: John Helmert III <jchelmert3@posteo.net>
    Closes: https://github.com/gentoo/gentoo/pull/18416
    Signed-off-by: Sam James <sam@gentoo.org>

 sci-mathematics/pspp/pspp-1.2.0.ebuild | 79 ----------------------------------
 1 file changed, 79 deletions(-)