Summary: | <app-text/xpdf-4.01.01: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | bircoph |
Priority: | Low | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://forum.xpdfreader.com/viewtopic.php?f=3&t=41262 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=681140 | ||
Whiteboard: | ~3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2019-03-21 06:36:18 UTC
Reference [2] suggests CVE-2019-9877, research does not return any such CVE [2] Reference: https://research.loginsoft.com/vulnerability/invalid-memory-access-in-textpagefindgaps-xpdf-4-01/ (https://nvd.nist.gov/vuln/detail/CVE-2019-9588): There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. [3]Reference: https://research.loginsoft.com/vulnerability/invalid-memory-access-in-gatomiccounter-gatomicincrement-xpdf-4-01/ The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0a41a80fe3a6ef79385c29bb540684f9aa00d42f commit 0a41a80fe3a6ef79385c29bb540684f9aa00d42f Author: Andrew Savchenko <bircoph@gentoo.org> AuthorDate: 2019-03-21 10:59:47 +0000 Commit: Andrew Savchenko <bircoph@gentoo.org> CommitDate: 2019-03-21 11:00:32 +0000 app-text/xpdf: remove old and vulnerable version Bug: https://bugs.gentoo.org/681112 Bug: https://bugs.gentoo.org/681140 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> app-text/xpdf/Manifest | 1 - app-text/xpdf/xpdf-4.0.1.ebuild | 116 ---------------------------------------- 2 files changed, 117 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b695c59184713a18e2a7809f40088eff130afb6 commit 6b695c59184713a18e2a7809f40088eff130afb6 Author: Andrew Savchenko <bircoph@gentoo.org> AuthorDate: 2019-03-21 10:55:44 +0000 Commit: Andrew Savchenko <bircoph@gentoo.org> CommitDate: 2019-03-21 11:00:31 +0000 app-text/xpdf: security version bump xpdf-4.01.01 fixes several vulnerabilities and problems reported by Loginsoft, including CVE-2019-9589. CVE-2019-9588 and CVE-2019-9587 are probably fixed as well, but it is not clear from ChangeLog: The PDFDoc(BaseStream) initializer wasn't working correctly. Fixed a missing array bounds check in PSOutputDev. [Thanks to Loginsoft for the bug report.] ^-- CVE-2019-9589 If the "U" string used for RC4 decryption is short, Adobe apparently zero-pads it, so Xpdf now does the same. ^-- Maybe CVE-2019-9588 Pdffonts now checks more carefully for loops between objects. ^-- Looks like CVE-2019-9587 Fixed a problem parsing large real numbers. [Thanks to Loginsoft for the bug report.] Bug: https://bugs.gentoo.org/681112 Bug: https://bugs.gentoo.org/681140 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> app-text/xpdf/Manifest | 1 + app-text/xpdf/xpdf-4.01.01.ebuild | 113 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 114 insertions(+) Andrew Savchenko - Thank you for the timely response. ping @security, please add to CVETool. |