"1) CVE-2022-46285: Infinite loop on unclosed comments 2) CVE-2022-44617: Runaway loop on width of 0 and enormous height 3) CVE-2022-4883: compression commands depend on $PATH" As discussed on oss-security, https://www.openwall.com/lists/oss-security/2023/02/01/5 "Distros & others packaging the OpenMotif library (or the older commercial Motif library) may wish to compare our changes to the files under the src directory in libXpm with the corresponding files with an "Xpm" prefix on the file name in the OpenMotif lib/Xm directory. For example: https://gitlab.freedesktop.org/xorg/lib/libxpm/-/blob/master/src/parse.c vs. https://sourceforge.net/p/motif/code/ci/master/tree/lib/Xm/Xpmparse.c"
(In reply to John Helmert III from comment #0) > "Distros & others packaging the OpenMotif library (or the older commercial > Motif library) may wish to compare our changes to the files under the > src directory in libXpm with the corresponding files with an "Xpm" prefix > on the file name in the OpenMotif lib/Xm directory. That's not very helpful. Do they provide a patch?
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/dev/ulm.git/commit/?id=8bc5d9b1b39f71ec331e3d409b9a0be1eea1dbf0 commit 8bc5d9b1b39f71ec331e3d409b9a0be1eea1dbf0 Author: Ulrich Müller <ulm@gentoo.org> AuthorDate: 2023-03-11 08:58:59 +0000 Commit: Ulrich Müller <ulm@gentoo.org> CommitDate: 2023-03-11 08:58:59 +0000 motif: Fix vulnerabilities in lib/Xm Bug: https://bugs.gentoo.org/900763 Signed-off-by: Ulrich Müller <ulm@gentoo.org> patchsets/motif/2.3.8/13_all_xpm-comments.patch | 22 ++++ patchsets/motif/2.3.8/14_all_xpm-width-0.patch | 155 ++++++++++++++++++++++++ 2 files changed, 177 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2391b86a36c37ec64eb677b4822fb3063e76bde2 commit 2391b86a36c37ec64eb677b4822fb3063e76bde2 Author: Ulrich Müller <ulm@gentoo.org> AuthorDate: 2023-03-11 09:12:00 +0000 Commit: Ulrich Müller <ulm@gentoo.org> CommitDate: 2023-03-11 09:12:00 +0000 x11-libs/motif: Fix vulnerabilities in lib/Xm Bug: https://bugs.gentoo.org/900763 Signed-off-by: Ulrich Müller <ulm@gentoo.org> x11-libs/motif/Manifest | 1 + x11-libs/motif/motif-2.3.8-r5.ebuild | 112 +++++++++++++++++++++++++++++++++++ 2 files changed, 113 insertions(+)
(In reply to John Helmert III from comment #0) > 1) CVE-2022-46285: Infinite loop on unclosed comments > 2) CVE-2022-44617: Runaway loop on width of 0 and enormous height I have ported the patches for these two. > 3) CVE-2022-4883: compression commands depend on $PATH" This one is not done, as the patches are very intrusive. Also I don't understand why usage of PATH would introduce any vulnerabilities.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eebf1f31a05bd167a072a042b09b40cc0bb4afd5 commit eebf1f31a05bd167a072a042b09b40cc0bb4afd5 Author: Ulrich Müller <ulm@gentoo.org> AuthorDate: 2023-03-24 16:05:58 +0000 Commit: Ulrich Müller <ulm@gentoo.org> CommitDate: 2023-03-24 16:05:58 +0000 x11-libs/motif: drop 2.3.8-r3, 2.3.8-r4 Bug: https://bugs.gentoo.org/900763 Signed-off-by: Ulrich Müller <ulm@gentoo.org> x11-libs/motif/Manifest | 2 - x11-libs/motif/motif-2.3.8-r3.ebuild | 109 ---------------------------------- x11-libs/motif/motif-2.3.8-r4.ebuild | 112 ----------------------------------- 3 files changed, 223 deletions(-)
