CVE-2021-37220: MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input. Unreleased patch: https://git.ghostscript.com/?p=mupdf.git;h=f5712c9949d026e4b891b25837edd2edc166151f
Asked upstream about versioning given I don't know if 1.18.1 is a proper release or not. Trying to avoid adding just this patch then ending up stabling something else given it likely has security related fixes in it, in short succession.
Package list is empty or all packages have requested keywords.
Version 1.19.0 is in tree and stable keyworded. There is also 1.18.0-r4 for which I was not able to quickly determine if it contains the fix for this particular CVE or not.
CVE-2021-4216 (https://bugs.ghostscript.com/show_bug.cgi?id=704834): A Floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream. Patch, in 1.20.0: https://github.com/ArtifexSoftware/mupdf/commit/22c47acbd52949421f8c7cb46ea1556827d0fcbf
(In reply to Sam James from comment #1) > Asked upstream about versioning given I don't know if 1.18.1 is a proper > release or not. Trying to avoid adding just this patch then ending up > stabling something else given it likely has security related fixes in it, in > short succession. In any case it's definitely in 1.19.0
Ping. Please clean up the vulnerable version 1.19.1. It looks like this also requires app-text/zathura-pdf-mupdf-0.3.8-r2 to be removed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8dc589bb73695e2b430fefd16f80669c42d2d736 commit 8dc589bb73695e2b430fefd16f80669c42d2d736 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2023-10-22 14:49:48 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2023-10-22 14:49:48 +0000 app-text/mupdf: drop 1.19.1 Bug: https://bugs.gentoo.org/803305 Signed-off-by: Joonas Niilola <juippis@gentoo.org> app-text/mupdf/Manifest | 1 - app-text/mupdf/mupdf-1.19.1.ebuild | 153 ------------------------------------- 2 files changed, 154 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=37e4aa60381e73a83d87f0ee892c3e7145abdf64 commit 37e4aa60381e73a83d87f0ee892c3e7145abdf64 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-08-12 07:17:27 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-08-12 07:17:45 +0000 [ GLSA 202408-29 ] MuPDF: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/803305 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202408-29.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+)
