"Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service."

Bug (restricted): https://bugs.ghostscript.com/show_bug.cgi?id=702937
Patch: https://bugs.ghostscript.com/show_bug.cgi?id=702937
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=197b4aee35918341c66b38a761b111d978b00fa6

commit 197b4aee35918341c66b38a761b111d978b00fa6
Author: Sam James <sam@gentoo.org>
AuthorDate: 2020-10-13 23:21:32 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2020-10-13 23:21:39 +0000

app-text/mupdf: add additional security patches

* Harden populate_ui against unexpected repairs [0]
* Fix overflow in fz_clear_pixmap_with_value [1]

Both patches were committed post-1.18.0 upstream.

[0] https://github.com/ArtifexSoftware/mupdf/commit/b82e9b6d6b46877e5c376.patch
[1] https://github.com/ArtifexSoftware/mupdf/commit/32e4e8b4bcbacbf92af7c.patch

Bug: https://bugs.gentoo.org/747151
Package-Manager: Portage-3.0.8, Repoman-3.0.1
Signed-off-by: Sam James <sam@gentoo.org>

.../files/mupdf-1.18.0-fix-oob-in-pdf-layer.c | 102 +++++++++++++++++++++
.../mupdf/files/mupdf-1.18.0-fix-oob-in-pixmap.c | 41 +++++++++
app-text/mupdf/mupdf-1.18.0.ebuild | 3 +
3 files changed, 146 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a986634efb6c5c0842444e989d86e10472412699

commit a986634efb6c5c0842444e989d86e10472412699
Author: Volkmar W. Pogatzki <gentoo@pogatzki.net>
AuthorDate: 2020-10-12 10:51:19 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2020-10-13 23:21:38 +0000

app-text/mupdf: bump to 1.18.0 (CVE-2020-26519)

Bug: https://bugs.gentoo.org/747151
Removing some keywords (RDEPEND dev-libs/gumbo)
Package-Manager: Portage-3.0.8, Repoman-3.0.1
Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net>
Closes: https://github.com/gentoo/gentoo/pull/17898
Signed-off-by: Sam James <sam@gentoo.org>

app-text/mupdf/Manifest | 1 +
app-text/mupdf/files/mupdf-1.18-Makefile.patch | 42 ++++++
.../mupdf/files/mupdf-1.18.0-cross-fixes.patch | 128 ++++++++++++++++++
app-text/mupdf/mupdf-1.18.0.ebuild | 150 +++++++++++++++++++++
4 files changed, 321 insertions(+)
Sanity check failed:

> app-text/mupdf-1.18.0
> depend amd64 stable profile default/linux/amd64/17.0 (39 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> depend amd64 dev profile default/linux/amd64/17.0/no-multilib/prefix/kernel-3.2+ (2 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> rdepend amd64 stable profile default/linux/amd64/17.0 (39 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> rdepend amd64 dev profile default/linux/amd64/17.0/no-multilib/prefix/kernel-3.2+ (2 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
Ugh. We will need to see if we can improve the LibreSSL dep here because 3.2.0 is not stable upstream.
Sanity check failed:

> app-text/mupdf-1.18.0
> depend amd64 stable profile default/linux/amd64/17.0 (58 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> depend amd64 dev profile default/linux/amd64/17.0/no-multilib/prefix/kernel-3.2+ (4 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> rdepend amd64 stable profile default/linux/amd64/17.0 (58 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> rdepend amd64 dev profile default/linux/amd64/17.0/no-multilib/prefix/kernel-3.2+ (4 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
Sanity check failed:

> app-text/mupdf-1.18.0
> depend amd64 stable profile default/linux/amd64/17.0 (59 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> depend amd64 dev profile default/linux/amd64/17.0/no-multilib/prefix/kernel-3.2+ (35 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> rdepend amd64 stable profile default/linux/amd64/17.0 (59 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
> rdepend amd64 dev profile default/linux/amd64/17.0/no-multilib/prefix/kernel-3.2+ (35 total)
> >=dev-libs/libressl-3.2.0:0=[static-libs]
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9ebc61a7729ce75f3593703cfce7216983f2fb6c

commit 9ebc61a7729ce75f3593703cfce7216983f2fb6c
Author: Volkmar W. Pogatzki <gentoo@pogatzki.net>
AuthorDate: 2020-10-14 05:07:11 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2020-10-14 19:51:19 +0000

profiles/base/p.use.stable.mask: add app-text/mupdf[libressl]

Bug: https://bugs.gentoo.org/747151
Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net>
Closes: https://github.com/gentoo/gentoo/pull/17919
Signed-off-by: Sam James <sam@gentoo.org>

profiles/base/package.use.stable.mask | 5 +++++
1 file changed, 5 insertions(+)
ppc/ppc64 stable
x86 stable
arm done
arm64 done
amd64 done

all arches done
Unable to check for sanity:

> no match for package: app-text/mupdf-1.18.0
Unable to check for sanity:

> no match for package: app-text/mupdf-1.18.0-r1
Ping for cleanup (and vote)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0db1d8bdcd759b37b1e6190eaee89ac963c14149

commit 0db1d8bdcd759b37b1e6190eaee89ac963c14149
Author: Sam James <sam@gentoo.org>
AuthorDate: 2021-01-18 00:40:07 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2021-01-18 00:46:35 +0000

app-text/mupdf: security cleanup

Bug: https://bugs.gentoo.org/747151
Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Sam James <sam@gentoo.org>

app-text/mupdf/Manifest | 1 -
app-text/mupdf/mupdf-1.17.0.ebuild | 144 -------------------------------------
2 files changed, 145 deletions(-)
Adding to an existing GLSA request.
This issue was resolved and addressed in GLSA 202105-30 at https://security.gentoo.org/glsa/202105-30 by GLSA coordinator Thomas Deutschmann (whissi).