Summary: | <sci-mathematics/pspp-1.2.0-r1: reachable assertion abort in function write_long_string_missing_values() in data/sys-file-writer.c lead to denial of service | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ajak, sci-mathematics |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1684371 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2019-03-04 08:22:31 UTC
Patch: https://git.savannah.gnu.org/cgit/pspp.git/commit/?id=0b842a84353790534a401e09a8d3bdd3d25bc3a6 @Maintainer(s), please let us know if you can apply this patch, or create a new ebuild. We've got another one patched in 2.3.0. 2) CVE-2018-20230 Description: "An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact." @Maintainers: please advise if it's possible make a new ebuild to 2.3.0. (In reply to Sam James from comment #2) > We've got another one patched in 2.3.0. > > 2) CVE-2018-20230 > Description: > "An issue was discovered in PSPP 1.2.0. There is a heap-based buffer > overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, > which allows attackers to cause a denial of service (application crash) or > possibly have unspecified other impact." Patch: https://git.savannah.gnu.org/cgit/pspp.git/commit/?id=abd1f816ca3b4f382bddf4564ad092aa934f0ccc The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e42197fcabcd1372267affa74297e1e9c19c092 commit 2e42197fcabcd1372267affa74297e1e9c19c092 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-10-04 16:38:32 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2020-10-04 16:38:32 +0000 sci-mathematics/pspp: Add security patches This fixes several QA issues, adds a missing dependency, fixes compiling with GCC 10, fixes tests, and adds patches for security. Bug: https://bugs.gentoo.org/679392 Closes: https://bugs.gentoo.org/674362 Closes: https://bugs.gentoo.org/677282 Closes: https://bugs.gentoo.org/682342 Closes: https://bugs.gentoo.org/708548 Package-Manager: Portage-3.0.0, Repoman-2.3.23 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/16785 Signed-off-by: David Seifert <soap@gentoo.org> .../pspp/files/pspp-1.2.0-CVE-2018-20230.patch | 134 +++++++++++++++++++++ .../pspp/files/pspp-1.2.0-CVE-2019-9211.patch | 74 ++++++++++++ .../pspp/files/pspp-1.2.0-fix-gcc10.patch | 30 +++++ .../pspp/files/pspp-1.2.0-fix-overflow.patch | 32 +++++ .../pspp/files/pspp-1.2.0-fix-segfaults.patch | 45 +++++++ .../pspp/files/pspp-1.2.0-fix-tests.patch | 61 ++++++++++ sci-mathematics/pspp/files/pspp-1.2.0-py3.patch | 38 ++++++ sci-mathematics/pspp/pspp-1.2.0-r1.ebuild | 112 +++++++++++++++++ 8 files changed, 526 insertions(+) x86 stable amd64 done all arches done Resetting sanity check; package list is empty or all packages are done. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65b93994396ad5d40389327728e3457b24c29d61 commit 65b93994396ad5d40389327728e3457b24c29d61 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-11-26 19:19:45 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-26 19:41:31 +0000 sci-mathematics/pspp: security cleanup (<1.2.0-r1) Bug: https://bugs.gentoo.org/679392 Package-Manager: Portage-3.0.10, Repoman-3.0.2 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/18416 Signed-off-by: Sam James <sam@gentoo.org> sci-mathematics/pspp/pspp-1.2.0.ebuild | 79 ---------------------------------- 1 file changed, 79 deletions(-) |