CVE-2018-7439 (https://nvd.nist.gov/vuln/detail/CVE-2018-7439): An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function read_mini_biff_next_record. CVE-2018-7438 (https://nvd.nist.gov/vuln/detail/CVE-2018-7438): An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string function. CVE-2018-7437 (https://nvd.nist.gov/vuln/detail/CVE-2018-7437): An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST function. CVE-2018-7436 (https://nvd.nist.gov/vuln/detail/CVE-2018-7436): An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parse_SST function. CVE-2018-7435 (https://nvd.nist.gov/vuln/detail/CVE-2018-7435): An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell function. @Maintainers please bump 1.0.5 and call for stabilization when ready. Thank you
@maintainer(s): ping
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=22716875c29b5592cef6cf307178118dd93d7fbe commit 22716875c29b5592cef6cf307178118dd93d7fbe Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-06-28 07:30:00 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2020-06-29 19:48:48 +0000 dev-libs/freexl: Security bump to 1.0.5 Bug: https://bugs.gentoo.org/648700 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Signed-off-by: Michał Górny <mgorny@gentoo.org> dev-libs/freexl/Manifest | 1 + dev-libs/freexl/freexl-1.0.5.ebuild | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+)
ppc/ppc64 stable
amd64 done
arm64 stable
x86: ping
x86 stable. Maintainer(s), please cleanup. Security, please vote.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1eddf81c332062a56d3c07bd305f53c151033959 commit 1eddf81c332062a56d3c07bd305f53c151033959 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-07-17 21:30:15 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-07-17 23:59:58 +0000 dev-libs/freexl: security cleanup Bug: https://bugs.gentoo.org/648700 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/freexl/Manifest | 2 -- dev-libs/freexl/freexl-1.0.1.ebuild | 29 ----------------------------- dev-libs/freexl/freexl-1.0.2.ebuild | 29 ----------------------------- 3 files changed, 60 deletions(-)
GLSA vote: yes Tree is clean.
This issue was resolved and addressed in GLSA 202007-44 at https://security.gentoo.org/glsa/202007-44 by GLSA coordinator Sam James (sam_c).