Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 494722 (CVE-2013-6836) - <app-office/gnumeric-1.12.9: heap-based buffer overflow in ms_escher_get_data function (CVE-2013-6836)
Summary: <app-office/gnumeric-1.12.9: heap-based buffer overflow in ms_escher_get_data...
Status: RESOLVED FIXED
Alias: CVE-2013-6836
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-12-19 10:14 UTC by Agostino Sarubbo
Modified: 2016-02-20 14:56 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-12-19 10:14:07 UTC
From ${URL} :

Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6836 to the following vulnerability:

Name: CVE-2013-6836
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6836
Assigned: 20131120
Reference: https://bugzilla.gnome.org/show_bug.cgi?id=712772
Reference: https://git.gnome.org/browse/gnumeric/commit/?id=b5480b69345b3c6d56ee0ed9c9e9880bb2a08cdc
Reference: https://projects.gnome.org/gnumeric/announcements/1.12/gnumeric-1.12.9.shtml

Heap-based buffer overflow in the ms_escher_get_data function in plugins/excel/ms-escher.c in GNOME Office 
Gnumeric before 1.12.9 allows remote attackers to cause a denial of service (crash) via a crafted xls file 
with a crafted length value.


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2014-01-05 02:56:55 UTC
CVE-2013-6836 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6836):
  Heap-based buffer overflow in the ms_escher_get_data function in
  plugins/excel/ms-escher.c in GNOME Office Gnumeric before 1.12.9 allows
  remote attackers to cause a denial of service (crash) via a crafted xls file
  with a crafted length value.
Comment 2 Pacho Ramos gentoo-dev 2014-01-05 10:35:00 UTC
+*goffice-0.10.9 (05 Jan 2014)
+
+  05 Jan 2014; Pacho Ramos <pacho@gentoo.org> +goffice-0.10.9.ebuild:
+  Version bump
+
+*gnumeric-1.12.9 (05 Jan 2014)
+
+  05 Jan 2014; Pacho Ramos <pacho@gentoo.org> +gnumeric-1.12.9.ebuild,
+  -gnumeric-1.12.7.ebuild:
+  Version bump, drop old
+

Feel free to CC arches when you need it
Comment 3 Pacho Ramos gentoo-dev 2014-05-31 09:39:24 UTC
the fixed versions were stabilized time ago
Comment 4 Pacho Ramos gentoo-dev 2014-06-01 13:30:41 UTC
stabilized in bug 499954
Comment 5 Pacho Ramos gentoo-dev 2016-02-20 13:06:08 UTC
also affected ebuilds were removed
Comment 6 Kristian Fiskerstrand (RETIRED) gentoo-dev 2016-02-20 14:09:16 UTC
GLSA Vote: No