Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 590480 (CVE-2016-6525) - <app-text/mupdf-1.10: heap overflow in pdf_load_mesh_params() (CVE-2016-6525)
Summary: <app-text/mupdf-1.10: heap overflow in pdf_load_mesh_params() (CVE-2016-6525)
Status: RESOLVED FIXED
Alias: CVE-2016-6525
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B2 [glsa cve]
Keywords:
Depends on: 606882
Blocks:
  Show dependency tree
 
Reported: 2016-08-04 15:32 UTC by Agostino Sarubbo
Modified: 2017-02-19 12:50 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2016-08-04 15:32:06 UTC
From ${URL} :

A heap overflow vulnerability leading to a crash was found in the "pdf_load_mesh_params" function in "source/pdf/pdf-shade.c".

Upstream bug:

http://bugs.ghostscript.com/show_bug.cgi?id=696954

Upstream patch:

http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e

Original report and CVE request:

http://seclists.org/oss-sec/2016/q3/235


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2016-11-26 01:52:15 UTC
CVE-2016-6525 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6525):
  Heap-based buffer overflow in the pdf_load_mesh_params function in
  pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of
  service (crash) or execute arbitrary code via a large decode array.
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2016-11-26 01:54:34 UTC
Fixed in 1.10 upstream.
Comment 3 Thomas Deutschmann gentoo-dev Security 2017-01-24 18:29:50 UTC
Stabilization happens in bug 589826.
Comment 4 Michael Weber (RETIRED) gentoo-dev 2017-02-05 17:26:25 UTC
commit 2af6b2174d988ef90e8178a6c13839d33af70f35
Author: Michael Weber <xmw@gentoo.org>
Date:   Sun Feb 5 18:24:55 2017 +0100

    app-text/mupdf: Remove old versions (bug 600674, 590480, 589826).
    
    Package-Manager: Portage-2.3.3, Repoman-2.3.1
Comment 5 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-02-05 22:37:34 UTC
GLSA request filed
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2017-02-19 12:50:54 UTC
This issue was resolved and addressed in
 GLSA 201702-12 at https://security.gentoo.org/glsa/201702-12
by GLSA coordinator Thomas Deutschmann (whissi).