Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 648700 (CVE-2018-7435, CVE-2018-7436, CVE-2018-7437, CVE-2018-7438, CVE-2018-7439) - <dev-libs/freexl-1.0.5: Multiple vulnerabilities (CVE-2018-{7435,7436,7437,7438, 7439})
Summary: <dev-libs/freexl-1.0.5: Multiple vulnerabilities (CVE-2018-{7435,7436,7437,74...
Status: RESOLVED FIXED
Alias: CVE-2018-7435, CVE-2018-7436, CVE-2018-7437, CVE-2018-7438, CVE-2018-7439
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-02-24 13:48 UTC by GLSAMaker/CVETool Bot
Modified: 2020-07-27 00:58 UTC (History)
1 user (show)

See Also:
Package list:
=dev-libs/freexl-1.0.5
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-02-24 13:48:55 UTC
CVE-2018-7439 (https://nvd.nist.gov/vuln/detail/CVE-2018-7439):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in the function read_mini_biff_next_record.

CVE-2018-7438 (https://nvd.nist.gov/vuln/detail/CVE-2018-7438):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in the parse_unicode_string function.

CVE-2018-7437 (https://nvd.nist.gov/vuln/detail/CVE-2018-7437):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in a memcpy call of the parse_SST function.

CVE-2018-7436 (https://nvd.nist.gov/vuln/detail/CVE-2018-7436):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in a pointer dereference of the parse_SST function.

CVE-2018-7435 (https://nvd.nist.gov/vuln/detail/CVE-2018-7435):
  An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer
  over-read in the freexl::destroy_cell function.


@Maintainers please bump 1.0.5 and call for stabilization when ready.

Thank you
Comment 1 Sam James gentoo-dev Security 2020-04-16 00:44:43 UTC
@maintainer(s): ping
Comment 2 Larry the Git Cow gentoo-dev 2020-06-29 19:51:01 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=22716875c29b5592cef6cf307178118dd93d7fbe

commit 22716875c29b5592cef6cf307178118dd93d7fbe
Author:     John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-06-28 07:30:00 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2020-06-29 19:48:48 +0000

    dev-libs/freexl: Security bump to 1.0.5
    
    Bug: https://bugs.gentoo.org/648700
    Package-Manager: Portage-2.3.103, Repoman-2.3.23
    Signed-off-by: John Helmert III <jchelmert3@posteo.net>
    Signed-off-by: Michał Górny <mgorny@gentoo.org>

 dev-libs/freexl/Manifest            |  1 +
 dev-libs/freexl/freexl-1.0.5.ebuild | 25 +++++++++++++++++++++++++
 2 files changed, 26 insertions(+)
Comment 3 Sergei Trofimovich gentoo-dev 2020-07-06 07:27:56 UTC
ppc/ppc64 stable
Comment 4 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2020-07-08 10:59:27 UTC
amd64 done
Comment 5 Sam James gentoo-dev Security 2020-07-09 00:55:21 UTC
arm64 stable
Comment 6 Sam James gentoo-dev Security 2020-07-17 00:05:06 UTC
x86: ping
Comment 7 Agostino Sarubbo gentoo-dev 2020-07-17 07:44:30 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 8 Larry the Git Cow gentoo-dev 2020-07-18 00:00:43 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1eddf81c332062a56d3c07bd305f53c151033959

commit 1eddf81c332062a56d3c07bd305f53c151033959
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2020-07-17 21:30:15 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2020-07-17 23:59:58 +0000

    dev-libs/freexl: security cleanup
    
    Bug: https://bugs.gentoo.org/648700
    Package-Manager: Portage-2.3.103, Repoman-2.3.23
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-libs/freexl/Manifest            |  2 --
 dev-libs/freexl/freexl-1.0.1.ebuild | 29 -----------------------------
 dev-libs/freexl/freexl-1.0.2.ebuild | 29 -----------------------------
 3 files changed, 60 deletions(-)
Comment 9 Sam James gentoo-dev Security 2020-07-18 00:11:47 UTC
GLSA vote: yes

Tree is clean.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2020-07-27 00:58:36 UTC
This issue was resolved and addressed in
 GLSA 202007-44 at https://security.gentoo.org/glsa/202007-44
by GLSA coordinator Sam James (sam_c).