Name: CVE-2018-6352
Description: In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file.

Name: CVE-2018-5308
Description: PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.

Name: CVE-2018-5309
Description: In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

Name: CVE-2018-8001
Description: In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.

Reproducible: Always
Zac, could you confirm if we are affected by those vulns? Thank you.
CVE-2018-8001:
https://sourceforge.net/p/podofo/tickets/14/
https://sourceforge.net/p/podofo/code/1909 (fix)

CVE-2018-6352:
https://sourceforge.net/p/podofo/tickets/3/ (open)

CVE-2018-5309:
https://sourceforge.net/p/podofo/tickets/5/
https://sourceforge.net/p/podofo/code/1907 (fix)

CVE-2018-5308:
https://sourceforge.net/p/podofo/code/1876/ (fix)
I've added a podofo-0.9.6_p20180715 ebuild which includes fixes for CVE-2018-5308, CVE-2018-5309, and CVE-2018-8001, but CVE-2018-6352 remains unfixed:
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=289e000c530215f2c921ea3e21d195b37b390c9c

Earlier versions are affected by all 4 issues.
GLSA Vote: No

Thank you all for your work. Closing as [noglsa].