Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 553836 (CVE-2015-3279)

Summary: <net-print/cups-filters-1.0.71: Incorrect fix for heap-based buffer overflow (CVE-2015-3279)
Product: Gentoo Security Reporter: Kristian Fiskerstrand (RETIRED) <k_f>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: printing
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://seclists.org/oss-sec/2015/q3/18
Whiteboard: B2 [glsa cve]
Package list:
Runtime testing required: ---

Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-07-03 10:01:57 UTC 
From ${URL}:
Hi,

Even with the patch for CVE-2015-3258 in version 1.0.70 it was possible
to trigger an integer overflow leading to a heap-based buffer overflow
using the same vector (specially crafted line sizes).

The integer overflow has been assigned CVE-2015-3279 and is fixed in
version 1.0.71. Apart from that, the patch also hardens against
possible crashes due to missing calloc() success checks.

Patch:
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7365

Red Hat bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1238990
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2015-07-03 12:25:17 UTC 
+*cups-filters-1.0.71 (03 Jul 2015)
+
+  03 Jul 2015; Andreas K. Huettel <dilfridge@gentoo.org>
+  +cups-filters-1.0.71.ebuild:
+  Version bump, bug 553836
+
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2015-07-03 12:29:09 UTC 
Arches please stabilize net-print/cups-filters-1.0.71
Target: all stable arches
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2015-07-04 05:20:47 UTC 
Stable for HPPA PPC64.
Comment 4 Tobias Klausmann (RETIRED) gentoo-dev 2015-07-04 11:39:07 UTC 
Stable on alpha.
Comment 5 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-07-04 17:07:35 UTC 
amd64 stable
Comment 6 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-07-09 18:23:18 UTC 
arm stable
Comment 7 Anthony Basile gentoo-dev 2015-07-15 20:19:51 UTC 
stable for ppc.
Comment 8 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-07-19 17:55:18 UTC 
x86 stable
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2015-07-19 20:27:52 UTC 
CVE-2015-3279 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3279):
  Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before
  1.0.71 allows remote attackers to cause a denial of service (crash) or
  possibly execute arbitrary code via a crafted line size in a print job,
  which triggers a heap-based buffer overflow.
Comment 10 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2015-07-22 15:13:14 UTC 
ia64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2015-07-23 09:39:52 UTC 
sparc stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 12 Yury German Gentoo Infrastructure gentoo-dev 2015-08-10 22:51:03 UTC 
Maintainer(s), Thank you for you for cleanup.
Added to an existing GLSA Request.

Maintainer(s), please drop the vulnerable version(s).
Comment 13 Manuel Rüger (RETIRED) gentoo-dev 2015-08-27 18:10:25 UTC 
Cleanup done.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2015-10-31 15:35:29 UTC 
This issue was resolved and addressed in
 GLSA 201510-08 at https://security.gentoo.org/glsa/201510-08
by GLSA coordinator Kristian Fiskerstrand (K_F).