
Bug 719248 (CVE-2019-11411, CVE-2019-11412, CVE-2019-11413)

Summary: <dev-lang/mujs-1.0.6: Multiple vulnerabilities (CVE-2019-{11411,11412,11413})
Product: Gentoo Security
Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: minor
CC: maintainer-needed
Priority: Normal
Keywords: CC-ARCHES
Version: unspecified
Flags: nattka: sanity-check+
Hardware: All
OS: Linux
Whiteboard: B3 [glsa+ cve]
Package list:
=dev-lang/mujs-1.0.6 amd64 arm arm64 hppa ppc ppc64 s390 sparc x86
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 737034    

Description GLSAMaker/CVETool Bot gentoo-dev 2020-04-24 14:20:41 UTC
CVE-2019-11413 (https://nvd.nist.gov/vuln/detail/CVE-2019-11413):
  An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion
  because the match function in regexp.c lacks a depth check.

CVE-2019-11412 (https://nvd.nist.gov/vuln/detail/CVE-2019-11412):
  An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a
  denial of service (invalid stack-frame jump) because it lacks an ENDTRY
  opcode call.

CVE-2019-11411 (https://nvd.nist.gov/vuln/detail/CVE-2019-11411):
  An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and
  numtostr implementations in jsnumber.c have a stack-based buffer overflow.
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-24 14:24:02 UTC
Let's just stabilise this now given it's been in tree a while and no bugs reported.
Comment 2 Agostino Sarubbo gentoo-dev 2020-04-26 14:18:12 UTC
x86 stable
Comment 3 Agostino Sarubbo gentoo-dev 2020-04-26 14:19:46 UTC
arm stable
Comment 4 Agostino Sarubbo gentoo-dev 2020-04-26 15:30:07 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2020-04-26 15:31:04 UTC
ppc stable
Comment 6 Agostino Sarubbo gentoo-dev 2020-04-26 15:32:12 UTC
ppc64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2020-04-26 15:32:49 UTC
s390 stable
Comment 8 Agostino Sarubbo gentoo-dev 2020-04-26 15:33:15 UTC
sparc stable
Comment 9 Rolf Eike Beer archtester 2020-04-27 17:48:56 UTC
hppa stable
Comment 10 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-28 19:24:44 UTC
arm64 stable
Comment 11 Larry the Git Cow gentoo-dev 2020-06-26 20:45:10 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9366bf8bbecf7e0245ffd8e6fb35967b9ebf7963

commit 9366bf8bbecf7e0245ffd8e6fb35967b9ebf7963
Author:     Sam James (sam_c) <sam@cmpct.info>
AuthorDate: 2020-06-19 17:48:34 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-06-26 20:42:03 +0000

    dev-lang/mujs: security cleanup
    
    Bug: https://bugs.gentoo.org/719248
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Sam James (sam_c) <sam@cmpct.info>
    Closes: https://github.com/gentoo/gentoo/pull/16327
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 dev-lang/mujs/Manifest          |  1 -
 dev-lang/mujs/mujs-1.0.5.ebuild | 55 -----------------------------------------
 2 files changed, 56 deletions(-)
Comment 12 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-07-27 23:02:24 UTC
GLSA vote: yes
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2020-07-28 19:34:44 UTC
This issue was resolved and addressed in
 GLSA 202007-52 at https://security.gentoo.org/glsa/202007-52
by GLSA coordinator Sam James (sam_c).