Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 648700 (CVE-2018-7435, CVE-2018-7436, CVE-2018-7437, CVE-2018-7438, CVE-2018-7439)

Summary: <dev-libs/freexl-1.0.5: Multiple vulnerabilities (CVE-2018-{7435,7436,7437,7438, 7439})
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: sci-geosciences
Priority: Normal Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/gentoo/gentoo/pull/16464
Whiteboard: B3 [glsa+ cve]
Package list:
=dev-libs/freexl-1.0.5
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-02-24 13:48:55 UTC
CVE-2018-7439 (https://nvd.nist.gov/vuln/detail/CVE-2018-7439):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in the function read_mini_biff_next_record.

CVE-2018-7438 (https://nvd.nist.gov/vuln/detail/CVE-2018-7438):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in the parse_unicode_string function.

CVE-2018-7437 (https://nvd.nist.gov/vuln/detail/CVE-2018-7437):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in a memcpy call of the parse_SST function.

CVE-2018-7436 (https://nvd.nist.gov/vuln/detail/CVE-2018-7436):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in a pointer dereference of the parse_SST function.

CVE-2018-7435 (https://nvd.nist.gov/vuln/detail/CVE-2018-7435):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in the freexl::destroy_cell function.


@Maintainers please bump 1.0.5 and call for stabilization when ready.

Thank you
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-16 00:44:43 UTC
@maintainer(s): ping
Comment 2 Larry the Git Cow gentoo-dev 2020-06-29 19:51:01 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=22716875c29b5592cef6cf307178118dd93d7fbe

commit 22716875c29b5592cef6cf307178118dd93d7fbe
Author:     John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-06-28 07:30:00 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2020-06-29 19:48:48 +0000

    dev-libs/freexl: Security bump to 1.0.5
    
    Bug: https://bugs.gentoo.org/648700
    Package-Manager: Portage-2.3.103, Repoman-2.3.23
    Signed-off-by: John Helmert III <jchelmert3@posteo.net>
    Signed-off-by: Michał Górny <mgorny@gentoo.org>

 dev-libs/freexl/Manifest            |  1 +
 dev-libs/freexl/freexl-1.0.5.ebuild | 25 +++++++++++++++++++++++++
 2 files changed, 26 insertions(+)
Comment 3 Sergei Trofimovich (RETIRED) gentoo-dev 2020-07-06 07:27:56 UTC
ppc/ppc64 stable
Comment 4 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2020-07-08 10:59:27 UTC
amd64 done
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-09 00:55:21 UTC
arm64 stable
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-17 00:05:06 UTC
x86: ping
Comment 7 Agostino Sarubbo gentoo-dev 2020-07-17 07:44:30 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 8 Larry the Git Cow gentoo-dev 2020-07-18 00:00:43 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1eddf81c332062a56d3c07bd305f53c151033959

commit 1eddf81c332062a56d3c07bd305f53c151033959
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2020-07-17 21:30:15 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2020-07-17 23:59:58 +0000

    dev-libs/freexl: security cleanup
    
    Bug: https://bugs.gentoo.org/648700
    Package-Manager: Portage-2.3.103, Repoman-2.3.23
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-libs/freexl/Manifest            |  2 --
 dev-libs/freexl/freexl-1.0.1.ebuild | 29 -----------------------------
 dev-libs/freexl/freexl-1.0.2.ebuild | 29 -----------------------------
 3 files changed, 60 deletions(-)
Comment 9 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-18 00:11:47 UTC
GLSA vote: yes

Tree is clean.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2020-07-27 00:58:36 UTC
This issue was resolved and addressed in
 GLSA 202007-44 at https://security.gentoo.org/glsa/202007-44
by GLSA coordinator Sam James (sam_c).