CVE-2021-3410: A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context. Looks like no fix upstream yet.
Fixed in https://github.com/cacalabs/libcaca/commit/e4968ba6e93e9fd35429eb16895c785c51072015?
openSUSE applies quite a number more patches than us over that code: https://build.opensuse.org/package/show/multimedia:libs/libcaca
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9e49df2222085dded48b58473bc2fd6347f8352f

commit 9e49df2222085dded48b58473bc2fd6347f8352f
Author: Andrew Savchenko <bircoph@gentoo.org>
AuthorDate: 2021-05-22 11:36:04 +0000
Commit: Andrew Savchenko <bircoph@gentoo.org>
CommitDate: 2021-05-22 11:39:14 +0000

    media-libs/libcaca: fix multiple CVEs and docs build failure

    CVE fixed (using Debian patchset): CVE-2018-20544, CVE-2018-20545,
    CVE-2018-20546, CVE-2018-20547, CVE-2018-20549, CVE-2021-3410.

    Fix docs build failure (doxygen and latex issues) using both Debian
    patch and patch from bug 543870#c11.
    Install docs into proper path.

    Bug: https://bugs.gentoo.org/543870
    Bug: https://bugs.gentoo.org/772317
    Package-Manager: Portage-3.0.18, Repoman-3.0.3
    Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>

 media-libs/libcaca/files/100_doxygen.diff | 170 +++++++++++++++++++
 media-libs/libcaca/files/CVE-2018-20544.patch | 45 +++++
 .../libcaca/files/CVE-2018-20545+20547+20549.patch | 34 ++++
 .../libcaca/files/CVE-2018-20546+20547.patch | 36 ++++
 ...em-in-the-caca_resize-overflow-detection-.patch | 135 +++++++++++++++
 ...as-fix-an-integer-overflow-in-caca_resize.patch | 141 ++++++++++++++++
 media-libs/libcaca/files/fix-css-path.patch | 12 ++
 media-libs/libcaca/libcaca-0.99_beta19-r4.ebuild | 182 +++++++++++++++++++++
 8 files changed, 755 insertions(+)
Security team, please note that multiple CVEs are present prior to -r4. Also, while I helped with the current problem, I'm not a maintainer of this package, so proceed with stabilization on your own or with the @media-video team.
Thanks!
ppc64 done
amd64 stable
x86 stable
ppc done
arm done
sparc done
arm64 done
all arches done
Please clean up.
Unable to check for sanity:
> no match for package: media-libs/libcaca-0.99_beta19-r4
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a17a038ba653cf52039460cf79adca71ef4a2326

commit a17a038ba653cf52039460cf79adca71ef4a2326
Author: Sam James <sam@gentoo.org>
AuthorDate: 2021-06-18 14:55:58 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2021-06-18 14:56:11 +0000

    media-libs/libcaca: drop 0.99_beta19-r5, 0.99_beta19-r6

    Bug: https://bugs.gentoo.org/772317
    Signed-off-by: Sam James <sam@gentoo.org>

 media-libs/libcaca/libcaca-0.99_beta19-r5.ebuild | 151 --------------------
 media-libs/libcaca/libcaca-0.99_beta19-r6.ebuild | 173 -----------------------
 2 files changed, 324 deletions(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=93b7e0381c6c02b0f3ba93252ac9f9b72c94107a

commit 93b7e0381c6c02b0f3ba93252ac9f9b72c94107a
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-02-18 10:22:11 +0000
Commit: Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-02-18 10:22:34 +0000

    [ GLSA 202402-19 ] libcaca: Arbitary Code Execution

    Bug: https://bugs.gentoo.org/772317
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202402-19.xml | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)