CVE-2022-38784: Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.

Fixed in: https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1261/diffs?commit_id=27354e9d9696ee2bc063910a6c9a6b27c5184a52

See also: https://gist.github.com/zmanion/b2ed0d1a0cec163ecd07d5e3d9740dc6

Please bump to 22.09.0.
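As an added illustration of the bug class named in the report (an integer overflow in a count that later sizes an allocation, fixed with input validation), not Poppler's own JBIG2Stream.cc: a hypothetical symbol-count accumulator in its unchecked and validated forms. The shape of the count (a sum of sizes declared by referenced segments) and the sample sizes are assumptions made for this example; the report gives only the function name.

```c
/* Added example: hypothetical symbol-count accumulation of the kind that can
 * overflow in a JBIG2 text-region decoder. Not Poppler's code. */
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>

/* Unchecked accumulation: the 32-bit counter wraps, so an allocation sized
 * from it is far smaller than the number of symbols later indexed. */
static unsigned int sum_symbols_unchecked(const unsigned int *sizes, size_t n) {
    unsigned int total = 0;
    for (size_t i = 0; i < n; i++)
        total += sizes[i];
    return total;
}

/* Hardened accumulation ("improved input validation"): reject the region as
 * malformed before the counter can wrap, instead of trusting the sum. */
static bool sum_symbols_checked(const unsigned int *sizes, size_t n,
                                unsigned int *out) {
    unsigned int total = 0;
    for (size_t i = 0; i < n; i++) {
        if (sizes[i] > UINT_MAX - total)
            return false;               /* adding sizes[i] would overflow */
        total += sizes[i];
    }
    *out = total;
    return true;
}

/* Constructed sample input (assumed, not from any real file): three
 * referenced dictionaries whose declared sizes sum past UINT_MAX. */
static const unsigned int kCraftedSizes[] = { 0xFFFFFFF0u, 0x10u, 0x40u };
static const unsigned int kSaneSizes[]    = { 100u, 200u, 4u };

/* Unchecked sum of the crafted sizes wraps to 0x40 = 64. */
unsigned int demo_wrapped_count(void) {
    return sum_symbols_unchecked(kCraftedSizes, 3);
}

/* The validated version refuses the crafted sizes outright. */
bool demo_rejects_crafted(void) {
    unsigned int total = 0;
    return !sum_symbols_checked(kCraftedSizes, 3, &total);
}

/* Well-formed input still sums normally: 100 + 200 + 4 = 304. */
unsigned int demo_sane_count(void) {
    unsigned int total = 0;
    return sum_symbols_checked(kSaneSizes, 3, &total) ? total : 0;
}
```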
Fixes CVE-2021-30860 too (https://github.com/freedesktop/poppler/commit/27354e9d9696ee2bc063910a6c9a6b27c5184a52).

"An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."

https://www.sans.org/blog/what-you-need-to-know-about-cve-2021-30860-aka-forcedentry/
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=819d8f855df663924e6c124088cdc215653f852a

commit 819d8f855df663924e6c124088cdc215653f852a
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-09-02 02:26:55 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-09-02 02:27:10 +0000

    app-text/poppler: add 22.09.0

    Bug: https://bugs.gentoo.org/867958
    Signed-off-by: Sam James <sam@gentoo.org>

 app-text/poppler/Manifest               |   2 +
 app-text/poppler/poppler-22.09.0.ebuild | 134 ++++++++++++++++++++++++++++++++
 app-text/poppler/poppler-9999.ebuild    |   2 +-
 3 files changed, 137 insertions(+), 1 deletion(-)
(In reply to Sam James from comment #1)
> Fixes CVE-2021-30860 too
> (https://github.com/freedesktop/poppler/commit/27354e9d9696ee2bc063910a6c9a6b27c5184a52).
>
> "An integer overflow was addressed with improved input validation. This
> issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS
> 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted
> PDF may lead to arbitrary code execution. Apple is aware of a report that
> this issue may have been actively exploited."
>
> https://www.sans.org/blog/what-you-need-to-know-about-cve-2021-30860-aka-forcedentry/

(fwiw, I'm not convinced at all it's actually this, unless Apple is vendoring a lot of Poppler, but...)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a5c8dc5fbd1bff22f355891078c55c777c532c93

commit a5c8dc5fbd1bff22f355891078c55c777c532c93
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-09-02 02:41:41 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-09-02 02:41:41 +0000

    app-text/poppler: unkeyword 22.09.0 for a moment

    LO needs a patch

    Bug: https://bugs.gentoo.org/867958
    Signed-off-by: Sam James <sam@gentoo.org>

 app-text/poppler/poppler-22.09.0.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
commit 5908d48769d80baedb730c61b2605a983d97bb0f (HEAD -> master, origin/master, origin/HEAD)
Author: Sam James <sam@gentoo.org>
Date:   Fri Sep 2 05:37:21 2022 +0100

    app-office/scribus: fix build with Poppler 22.09.0

    Signed-off-by: Sam James <sam@gentoo.org>

commit 9f2169be9339bfaad54aa9bf60373ff01a79f8c3
Author: Sam James <sam@gentoo.org>
Date:   Fri Sep 2 05:25:00 2022 +0100

    media-gfx/inkscape: fix build with Poppler 22.09.0

    Signed-off-by: Sam James <sam@gentoo.org>

commit 3fe3e0dc873e97eb1bb5ccb2846fffee35182caa
Author: Sam James <sam@gentoo.org>
Date:   Fri Sep 2 05:20:17 2022 +0100

    app-office/libreoffice: fix build with Poppler 22.09.0

    Signed-off-by: Sam James <sam@gentoo.org>
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f27c346bd97bc4dad857c09cdec1f06766020aa

commit 8f27c346bd97bc4dad857c09cdec1f06766020aa
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-09-02 04:40:34 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-09-02 05:33:19 +0000

    app-text/poppler: keyword 22.09.0

    I swear I did try LO + Scribus beforehand! But didn't have pdfimport
    on and I have no idea about Scribus. All fixed now.

    Bug: https://bugs.gentoo.org/867958
    Signed-off-by: Sam James <sam@gentoo.org>

 app-text/poppler/poppler-22.09.0.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
GLSA request filed
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=24c3c45a48d60afb92442f5f869534360b8bdef4

commit 24c3c45a48d60afb92442f5f869534360b8bdef4
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-09-29 14:23:57 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-09-29 14:48:01 +0000

    [ GLSA 202209-21 ] Poppler: Arbitrary Code Execution

    Bug: https://bugs.gentoo.org/867958
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202209-21.xml | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8bcfcfa95f14ed5ebd402f323b9959006a3ab0c1

commit 8bcfcfa95f14ed5ebd402f323b9959006a3ab0c1
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2022-10-12 18:00:26 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2022-10-12 18:22:17 +0000

    app-text/poppler: unkeyword 22.07.0

    Bug: https://bugs.gentoo.org/867958
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 app-text/poppler/poppler-22.07.0.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4f72879034c37c6d73333bd823185bd879f33166

commit 4f72879034c37c6d73333bd823185bd879f33166
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2022-10-21 07:19:13 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2022-10-21 07:19:39 +0000

    app-text/poppler: unkeyword 22.07.0 for arm64, ppc

    Only ppc64 remains.

    Bug: https://bugs.gentoo.org/867958
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 app-text/poppler/poppler-22.07.0.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Cleanup done.
Perfect, KDE proj out.
All done! \o/