From https://bugzilla.redhat.com/show_bug.cgi?id=1444104: jbig2dec has a heap-based buffer over-read leading to denial of service (application crash) because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file. Upstream bug: https://bugs.ghostscript.com/show_bug.cgi?id=697703 From https://bugzilla.redhat.com/show_bug.cgi?id=1443940: Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code. Upstream bug: https://bugs.ghostscript.com/show_bug.cgi?id=697693 From https://bugzilla.redhat.com/show_bug.cgi?id=1443897: Artifex jbig2dec allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash). Upstream bug: https://bugs.ghostscript.com/show_bug.cgi?id=697683 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Upstream fixes: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b184e783702246e15 http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5e57e483298dae8b http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ed6c5133a1004ce8d
Patched in our -r3.
(In reply to Andreas K. Hüttel from comment #2) > Patched in our -r3. Nope, there was a stray # in the ebuild. Patched in our -r4.
Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself.
Please stabilize media-libs/jbig2dec-0.13-r4 (all stable arches)
x86 stable
amd64 stable
Stable on alpha.
ppc stable
ppc64 stable
arm stable
ia64 stable
sparc stable
Arches or maintainers please stabilize for hppa ASAP. Security will release GLSA for this in 7 days with or without hppa arch being stable.
This issue was resolved and addressed in GLSA 201708-10 at https://security.gentoo.org/glsa/201708-10 by GLSA coordinator Aaron Bauman (b-man).
@maintainer(s), reopening for cleanup. HPPA is still pending stable as well. Please drop vulnerable versions from the tree. If you so choose, please drop hppa support during cleanup.
Slyfox, this is holding up a security bug. Please stabilize or drop from stable keywords for hppa.
hppa stable
Thank you all, Closing as GLSA was already released. Gentoo Security Padawan ChrisADR