CVE-2022-44789: A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.1 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. There's only one reference here and it's not upstream, but it's a textfile of MITRE's CVE assignment response. Somehow they managed to drop the references in the original request, one of which is a link to the patch which is in 1.3.2: https://github.com/ccxvii/mujs/commit/edb50ad66f7601ca9a3544a0e9045e8a8c60561f Please bump.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a16e4047b368d6f7f61b9551290192af202aa846 commit a16e4047b368d6f7f61b9551290192af202aa846 Author: Philipp Rösner <rndxelement@protonmail.com> AuthorDate: 2022-12-15 22:27:01 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-12-24 07:41:36 +0000 dev-lang/mujs: add 1.3.2 Add patch release mujs-1.3.2: - fixes UAF bug - fixes iterator bug Bug: https://bugs.gentoo.org/882775 Signed-off-by: Philipp Rösner <rndxelement@protonmail.com> Closes: https://github.com/gentoo/gentoo/pull/28677 Signed-off-by: Sam James <sam@gentoo.org> dev-lang/mujs/Manifest | 1 + dev-lang/mujs/mujs-1.3.2.ebuild | 61 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+)
Please stable when ready, thanks!
Please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1431bec6a0ca3be86d09566054bc71e56c932878 commit 1431bec6a0ca3be86d09566054bc71e56c932878 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2023-01-09 12:50:48 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2023-01-09 12:50:48 +0000 dev-lang/mujs: drop 1.2.0, 1.3.0 Bug: https://bugs.gentoo.org/882775 Signed-off-by: Joonas Niilola <juippis@gentoo.org> dev-lang/mujs/Manifest | 2 -- dev-lang/mujs/mujs-1.2.0.ebuild | 61 ----------------------------------------- dev-lang/mujs/mujs-1.3.0.ebuild | 61 ----------------------------------------- 3 files changed, 124 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=f6828b989009fecf980c109dc2a5c5349edd6314 commit f6828b989009fecf980c109dc2a5c5349edd6314 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-04 08:04:01 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-04 08:04:23 +0000 [ GLSA 202405-06 ] mujs: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/833453 Bug: https://bugs.gentoo.org/845399 Bug: https://bugs.gentoo.org/882775 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-06.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+)
