Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 624708 (CVE-2017-2820) - <app-text/poppler-0.57.0-r1: Integer overflow in the JPEG 2000 image parsing functionality
Summary: <app-text/poppler-0.57.0-r1: Integer overflow in the JPEG 2000 image parsing ...
Status: RESOLVED FIXED
Alias: CVE-2017-2820
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: A2 [glsa+ cve]
Keywords:
Depends on: CVE-2017-9083
Blocks:
  Show dependency tree
 
Reported: 2017-07-12 15:26 UTC by Agostino Sarubbo
Modified: 2018-01-17 13:43 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2017-07-12 15:26:00 UTC
From ${URL} :

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler. A specially crafted PDF file can lead to an integer overflow causing out of 
bounds memory overwrite on the heap resulting in potential arbitrary code execution. To trigger this vulnerability, a victim must open the malicious PDF in an application using this library.

External References:

https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0321


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2017-08-10 07:23:12 UTC
setting dependency to stabilization bug.
Comment 2 Michael Palimaka (kensington) gentoo-dev 2017-09-21 13:03:29 UTC
Removing dependency, there's no evidence that this is fixed.
Comment 3 Larry the Git Cow gentoo-dev 2017-11-24 23:07:52 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b0f7e72d6950013ea98f65116dc44cedd8923dd5

commit b0f7e72d6950013ea98f65116dc44cedd8923dd5
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2017-11-24 22:55:47 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2017-11-24 23:06:22 +0000

    app-text/poppler: Fix CVE-2017-{2820,9083}
    
    Bug: https://bugs.gentoo.org/619558
    Bug: https://bugs.gentoo.org/624708
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 .../poppler-0.57.0-disable-internal-jpx.patch      | 25 ++++++++++++++++++++++
 app-text/poppler/poppler-0.57.0-r1.ebuild          |  1 +
 2 files changed, 26 insertions(+)}
Comment 4 Larry the Git Cow gentoo-dev 2017-12-20 23:08:23 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=25a02f548c6203536c02e119b06d16a80be7fc73

commit 25a02f548c6203536c02e119b06d16a80be7fc73
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2017-12-20 23:07:07 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2017-12-20 23:07:55 +0000

    app-text/poppler: Fix CVE-2017-{2820,9083}
    
    Bug: https://bugs.gentoo.org/619558
    Bug: https://bugs.gentoo.org/624708
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 app-text/poppler/poppler-0.61.1.ebuild | 1 +
 app-text/poppler/poppler-0.62.0.ebuild | 1 +
 app-text/poppler/poppler-9999.ebuild   | 1 +
 3 files changed, 3 insertions(+)}
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2018-01-15 23:12:07 UTC
Added to existing GLSA.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2018-01-17 13:43:33 UTC
This issue was resolved and addressed in
 GLSA 201801-17 at https://security.gentoo.org/glsa/201801-17
by GLSA coordinator Aaron Bauman (b-man).