CVE-2019-25051:

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).

Apparently unreleased patch: https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1bf5957c0e28cda26533b9995b69fe24972bd1f9

commit 1bf5957c0e28cda26533b9995b69fe24972bd1f9
Author:     Conrad Kostecki <conikost@gentoo.org>
AuthorDate: 2021-07-20 23:27:56 +0000
Commit:     Conrad Kostecki <conikost@gentoo.org>
CommitDate: 2021-07-20 23:27:56 +0000

    app-text/aspell: drop old version

    Bug: https://bugs.gentoo.org/803113
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Conrad Kostecki <conikost@gentoo.org>

 app-text/aspell/aspell-0.60.8-r2.ebuild | 112 --------------------------------
 1 file changed, 112 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e8adb6ed480c4538fc561c348f5bab3d4410baa

commit 0e8adb6ed480c4538fc561c348f5bab3d4410baa
Author:     Conrad Kostecki <conikost@gentoo.org>
AuthorDate: 2021-07-20 23:26:08 +0000
Commit:     Conrad Kostecki <conikost@gentoo.org>
CommitDate: 2021-07-20 23:26:08 +0000

    app-text/aspell: fix CVE-2019-25051

    Debian also applied this upstream patch to their aspell package.

    Bug: https://bugs.gentoo.org/803113
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Conrad Kostecki <conikost@gentoo.org>

 app-text/aspell/aspell-0.60.8-r3.ebuild            | 113 +++++++++++++++++++++
 .../files/aspell-0.60.8-cve-2019-25051.patch       |  96 +++++++++++++++++
 2 files changed, 209 insertions(+)
Thank you! Let us know when ready to stable.
(In reply to Sam James from comment #2)
> Thank you! Let us know when ready to stable.

Already done, since this was only a patch, I revbumped with same keywords and dropped old one.

(In reply to Conrad Kostecki from comment #3)
> (In reply to Sam James from comment #2)
> > Thank you! Let us know when ready to stable.
>
> Already done, since this was only a patch, I revbumped with same keywords
> and dropped old one.

Thanks!

Unable to check for sanity:

> no match for package: app-text/aspell-0.60.8-r3

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=7d9d089a012fd0128c929c9808b85e48104cfea9

commit 7d9d089a012fd0128c929c9808b85e48104cfea9
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-02-26 12:30:16 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-02-26 12:30:42 +0000

    [ GLSA 202402-31 ] GNU Aspell: Heap Buffer Overflow

    Bug: https://bugs.gentoo.org/803113
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202402-31.xml | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)