CVE-2017-7698 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7698): A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. CVE-2017-11101 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11101): When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_Relocate() function in lib/modules/swftools.c. CVE-2017-11100 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11100): When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swf_FoldSprite() function in lib/rxfswf.c. CVE-2017-11099 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11099): When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wav_convert2mono() function in lib/wav.c. CVE-2017-11098 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11098): When SWFTools 0.9.2 processes a crafted file in png2swf, it can lead to a Segmentation Violation in the png_load() function in lib/png.c. CVE-2017-11097 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11097): When SWFTools 0.9.2 processes a crafted file in swfc, it can lead to a NULL Pointer Dereference in the dict_lookup() function in lib/q.c. CVE-2017-11096 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11096): When SWFTools 0.9.2 processes a crafted file in swfcombine, it can lead to a NULL Pointer Dereference in the swf_DeleteFilter() function in lib/modules/swffilter.c. CVE-2017-10976 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-10976): When SWFTools 0.9.2 processes a crafted file in ttftool, it can lead to a heap-based buffer over-read in the readBlock() function in lib/ttf.c.
CVE-2017-7698 Patch: (https://github.com/matthiaskramm/swftools/commit/c7747f4b10739bd365c3e79d153b99fbfac9a4ac) Adding an associated patch and URL for reference. Gentoo Security Padawan Daj Uan (jmbailey)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b1d6b78e63660d748d81395bb01c5c63d553cf37 commit b1d6b78e63660d748d81395bb01c5c63d553cf37 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2019-03-29 23:49:20 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2019-03-29 23:49:20 +0000 package.mask: Last-rite media-gfx/swftools * Multiple outstanding security vulnerabilities * No upstream releases in years * Maintainers have not patched Bug: https://bugs.gentoo.org/617252 Bug: https://bugs.gentoo.org/635208 Bug: https://bugs.gentoo.org/637172 Bug: https://bugs.gentoo.org/650888 Signed-off-by: Aaron Bauman <bman@gentoo.org> profiles/package.mask | 6 ++++++ 1 file changed, 6 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=32edfe461d949f5b809fefe51e0248c2c27f53b4 commit 32edfe461d949f5b809fefe51e0248c2c27f53b4 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2019-04-28 20:01:03 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2019-04-28 20:02:33 +0000 media-gfx/swftools: Remove last-rited pkg Bug: https://bugs.gentoo.org/650888 Bug: https://bugs.gentoo.org/637172 Bug: https://bugs.gentoo.org/635208 Bug: https://bugs.gentoo.org/617252 Signed-off-by: Michał Górny <mgorny@gentoo.org> media-gfx/swftools/Manifest | 1 - .../swftools/files/swftools-0.9.2-jpeg-9.patch | 17 ----- .../swftools/files/swftools-0.9.2_general.patch | 28 ------- .../swftools/files/swftools-0.9.2_giflib.patch | 89 ---------------------- .../swftools/files/swftools-0.9.2_giflib5.patch | 26 ------- .../swftools/files/swftools-0.9.2_nopdf.patch | 40 ---------- media-gfx/swftools/metadata.xml | 5 -- media-gfx/swftools/swftools-0.9.2-r1.ebuild | 48 ------------ profiles/package.mask | 6 -- 9 files changed, 260 deletions(-)
