Bug 358029 - <app-text/mupdf-0.8.15: Two Integer Overflow Vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: http://secunia.com/secunia_research/2...
Whiteboard: B2 [glsa]
Duplicates: 361131
Reported: 2011-03-09 08:38 UTC by Yury German
Modified: 2014-12-26 18:39 UTC
Description Yury German Gentoo Infrastructure gentoo-dev 2011-03-09 08:38:08 UTC
Secunia Research has discovered two vulnerabilities in MuPDF, which
can be exploited by malicious people to compromise a user's system.

1) An integer overflow error within the "loadsamplefunc()" function
in mupdf/pdf_function.c can be exploited to cause a heap-based buffer
overflow by e.g. tricking a user into opening a specially crafted PDF
file containing a sample function with a specially crafted size.

2) An integer overflow error within the "fz_newpixmap()" function in
fitz/res_pixmap.c can be exploited to cause a heap-based buffer
overflow by e.g. tricking a user into opening a specially crafted PDF
file containing an image with specially crafted dimensions.


Fixed in the Darcs repository.
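
Added example (not MuPDF's code and not part of the original report): the class of bug described in item 2, shown as an unchecked 32-bit size computation beside an overflow-checked allocator. The pixmap struct, the function names and the assumption that the buffer size is width * height * components are hypothetical; the dimensions are constructed.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical pixmap type for this example; not MuPDF's structure. */
typedef struct { int w, h, n; unsigned char *samples; } pixmap;

/* Unchecked pattern: the product is computed in 32 bits and wraps. */
uint32_t size_unchecked(uint32_t w, uint32_t h, uint32_t n)
{ return w * h * n; }

/* Checked pattern: 0 on success, -1 if a dimension is not positive
 * or w * h * n does not fit in size_t. */
int size_checked(int w, int h, int n, size_t *out)
{
    size_t row;
    if (w <= 0 || h <= 0 || n <= 0)
        return -1;
    if ((size_t)w > SIZE_MAX / (size_t)n)
        return -1;
    row = (size_t)w * (size_t)n;
    if ((size_t)h > SIZE_MAX / row)
        return -1;
    *out = row * (size_t)h;
    return 0;
}

/* Allocate only when the size is known to be representable. */
pixmap *pixmap_new(int w, int h, int n)
{
    size_t size;
    pixmap *p;
    if (size_checked(w, h, n, &size) != 0)
        return NULL;
    if ((p = malloc(sizeof *p)) == NULL)
        return NULL;
    if ((p->samples = malloc(size)) == NULL) { free(p); return NULL; }
    p->w = w; p->h = h; p->n = n;
    return p;
}

int main(void)
{
    /* Constructed dimensions: the true size is 4295098368 bytes. */
    printf("unchecked: %u bytes\n", (unsigned)size_unchecked(32769, 32768, 4));
    printf("checked: %s\n", pixmap_new(INT_MAX, INT_MAX, INT_MAX) ? "allocated" : "rejected");
    return 0;
}
```

With the unchecked form, a buffer far smaller than the image is allocated and later per-pixel writes run past its end; the checked form refuses the allocation instead.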
Comment 1 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2011-03-29 15:10:56 UTC
*** Bug 361131 has been marked as a duplicate of this bug. ***
Comment 2 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2011-03-29 15:11:57 UTC
Arches, please stabilize mupdf-0.8.15.
Comment 3 Agostino Sarubbo gentoo-dev 2011-03-29 15:20:38 UTC
amd64 ok
Comment 4 Christoph Mende (RETIRED) gentoo-dev 2011-03-29 16:08:18 UTC
amd64 done, thanks Agostino
Comment 5 Michael Weber (RETIRED) gentoo-dev 2011-03-29 22:16:44 UTC
ppc done
Comment 6 Andreas Schürch gentoo-dev 2011-03-30 04:39:11 UTC
Tested on x86, looks good over here.
Comment 7 Myckel Habets 2011-03-30 05:28:23 UTC
Builds and runs fine on x86. Please mark stable for x86.
Comment 8 Michael Weber (RETIRED) gentoo-dev 2011-03-30 09:29:04 UTC
x86 stable

+  30 Mar 2011; Michael Weber <xmw@gentoo.org> -mupdf-0.7-r1.ebuild,
+  -mupdf-0.7_p20110212.ebuild, -files/mupdf-0.7-buildsystem.patch,
+  -files/mupdf-0.7-zoom.patch, -files/mupdf-0.7_p20110212-buildsystem.patch,
+  -files/mupdf-0.7_p20110212-zoom.patch, mupdf-0.8.15.ebuild:
+  x86 stable (thanks to Andreas Schürch and Myckel Habets for testing, bug
+  358029), removing old affected versions from tree

Can I close this now or does it need further attention from security?
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2011-03-30 13:39:00 UTC
(In reply to comment #8)
> 
> Can I close this now or does it need further attention from security?

Thanks, Michael. We take care of closing security bugs.

GLSA request filed.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2014-12-26 18:39:13 UTC
This issue was resolved and addressed in
 GLSA 201412-43 at http://security.gentoo.org/glsa/glsa-201412-43.xml
by GLSA coordinator Yury German (BlueKnight).