Summary: | <app-text/unrtf-0.21.9: out-of-bounds memory access vulnerability (CVE-2014-{9274,9275}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | robbat2 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1170233 | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-12-03 15:13:31 UTC
Good news: upstream is not dead. They released 0.21.6 which at least fixes some issues (including the two that got CVEs). Though there are more issues with unrtf. Upstream now released 0.21.8 which contains many more fixes for more issues. It seems pretty robust now. Please bump. +*unrtf-0.21.8 (22 Dec 2014) + + 22 Dec 2014; Lars Wendler <polynomial-c@gentoo.org> +unrtf-0.21.8.ebuild, + +files/unrtf-0.21.8-automake-fix.patch, + +files/unrtf-0.21.8-iconv-detection.patch: + Security bump (bug #531544). + CVE-2014-9275 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9275): UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file. CVE-2014-9274 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9274): UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999". Maintainer(s), please add arches when ready for stabilization. (In reply to Sean Amoss from comment #5) > Maintainer(s), please add arches when ready for stabilization. @maintainers: ping Arches, please test and mark stable: =app-text/unrtf-0.21.9 Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 spark x86" Thank you! Stable for HPPA. amd64 stable x86 stable arm stable ia64 stable ppc stable ppc64 stable sparc stable alpha stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Maintainer(s), Thank you for you for cleanup. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s). Maintainer(s), Thank you for you for cleanup. This issue was resolved and addressed in GLSA 201507-06 at https://security.gentoo.org/glsa/201507-06 by GLSA coordinator Mikle Kolyada (Zlogene). |