From https://bugzilla.redhat.com/show_bug.cgi?id=1475517:

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop".

Upstream bug:
https://github.com/qpdf/qpdf/issues/118

Upstream patch:
https://github.com/jberkenbilt/qpdf/commit/2f56805a397b4d264bcfdfc248765990084c2933
https://github.com/jberkenbilt/qpdf/commit/97c9344c4b878ddc4723486640688d2d3d38ad32
https://github.com/qpdf/qpdf/commit/ac3c81a8edcb44e2669485630d6718c96a6ad6e9

References:
http://somevulnsofadlab.blogspot.com.br/2017/07/qpdfan-infinite-loop-in-libqpdf_21.html

From https://bugzilla.redhat.com/show_bug.cgi?id=1475514:

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop".

Upstream bug:
https://github.com/qpdf/qpdf/issues/119

Upstream patch:
https://github.com/jberkenbilt/qpdf/commit/2f56805a397b4d264bcfdfc248765990084c2933
https://github.com/jberkenbilt/qpdf/commit/97c9344c4b878ddc4723486640688d2d3d38ad32
https://github.com/qpdf/qpdf/commit/ac3c81a8edcb44e2669485630d6718c96a6ad6e9

References:
http://somevulnsofadlab.blogspot.com.br/2017/07/qpdfan-infinite-loop-in-libqpdf_65.html

From https://bugzilla.redhat.com/show_bug.cgi?id=1475510:

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop".

Upstream bug:
https://github.com/qpdf/qpdf/issues/120

Upstream patch:
https://github.com/jberkenbilt/qpdf/commit/2f56805a397b4d264bcfdfc248765990084c2933
https://github.com/jberkenbilt/qpdf/commit/97c9344c4b878ddc4723486640688d2d3d38ad32
https://github.com/qpdf/qpdf/commit/ac3c81a8edcb44e2669485630d6718c96a6ad6e9

References:
http://somevulnsofadlab.blogspot.com.br/2017/07/qpdfan-infinite-loop-in-libqpdf_26.html

From https://bugzilla.redhat.com/show_bug.cgi?id=1475507:

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after two consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite loop".

Upstream bug:
https://github.com/qpdf/qpdf/issues/117

Upstream patch:
https://github.com/jberkenbilt/qpdf/commit/2f56805a397b4d264bcfdfc248765990084c2933
https://github.com/jberkenbilt/qpdf/commit/97c9344c4b878ddc4723486640688d2d3d38ad32
https://github.com/qpdf/qpdf/commit/ac3c81a8edcb44e2669485630d6718c96a6ad6e9

References:
http://somevulnsofadlab.blogspot.com.br/2017/07/qpdfan-infinite-loop-in-libqpdf.html

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Created attachment 498598
QPDF Vulnerability Tests

@Maintainer(s): The newest version 7.0.0 fixes these bugs. I tested these vulnerabilities with version 5.1.1-r1, and the version appears to be affected. You may view this in the attachment. Please advise on how you would like to proceed.
Adding CVE-2017-9208, CVE-2017-9209, CVE-2017-9210 to the list of infinite loops.
@Maintainer(s): Please state if you are ready for stabilization.
amd64 stable
Looking good on ppc.

# cat qpdf-626446.report
USE tests started on Sa 20. Jan 19:57:43 CET 2018
USE='-doc -examples -perl -static-libs' succeeded for =app-text/qpdf-7.0.0
USE='doc -examples -perl -static-libs' succeeded for =app-text/qpdf-7.0.0
USE='-doc examples -perl -static-libs' succeeded for =app-text/qpdf-7.0.0
USE='doc examples -perl -static-libs' succeeded for =app-text/qpdf-7.0.0
USE='-doc examples perl -static-libs' succeeded for =app-text/qpdf-7.0.0
USE='doc examples perl -static-libs' succeeded for =app-text/qpdf-7.0.0
USE='-doc -examples -perl static-libs' succeeded for =app-text/qpdf-7.0.0
USE='doc -examples -perl static-libs' succeeded for =app-text/qpdf-7.0.0
USE='doc examples -perl static-libs' succeeded for =app-text/qpdf-7.0.0
USE='-doc -examples perl static-libs' succeeded for =app-text/qpdf-7.0.0
USE='-doc examples perl static-libs' succeeded for =app-text/qpdf-7.0.0
USE='doc examples perl static-libs' succeeded for =app-text/qpdf-7.0.0
FEATURES= test succeeded for =app-text/qpdf-7.0.0
revdep tests started on Sa 20. Jan 22:35:02 CET 2018
FEATURES= test USE='pclm' succeeded for net-print/cups-filters
ppc stable (thanks to ernsteiswuerfel)
Adding my email to track. qpdf-7.0.0 and 7.1.0 cause cups-filters to not build on my stable machine. Falling back to the qpdf-5 version works. Will wait for this to be solved before posting another bug report.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=caf493509f53379aa0066c30f5197d7a8017f414

commit caf493509f53379aa0066c30f5197d7a8017f414
Author: Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-01-21 19:33:08 +0000
Commit: Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-01-21 20:27:46 +0000

    app-text/qpdf: x86 stable

    Bug: https://bugs.gentoo.org/626446
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 app-text/qpdf/qpdf-7.0.0.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
sparc stable (thanks to Rolf Eike Beer)
Stable on alpha.
ia64 stable
commit 3f096c35bf4beeb405bfa6673b5cb2734e40efc9
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Tue Feb 6 18:20:59 2018 +0100

    app-text/qpdf: stable 7.0.0 for hppa, bug #626446
There is no stable qpdf on arm64 right now and nothing stable revdeps on it yet/anymore, unCCing.
ppc64 stable
arm stable, all arches done.
@Maintainers please remove vulnerable versions. GLSA Vote: No. Thank you
cleanup will be tracked in bug #647776