Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 803113 (CVE-2019-25051) - <app-text/aspell-0.60.8-r3: heap buffer overflow (CVE-2019-25051)
Summary: <app-text/aspell-0.60.8-r3: heap buffer overflow (CVE-2019-25051)
Status: IN_PROGRESS
Alias: CVE-2019-25051
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://bugs.chromium.org/p/oss-fuzz/...
Whiteboard: B2 [glsa?]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-07-20 22:46 UTC by John Helmert III
Modified: 2021-07-21 21:43 UTC (History)
1 user (show)

See Also:
Package list:
app-text/aspell-0.60.8-r3 *
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-07-20 22:46:29 UTC
CVE-2019-25051:

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).

Apparently unreleased patch: https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a
Comment 1 Larry the Git Cow gentoo-dev 2021-07-20 23:28:15 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1bf5957c0e28cda26533b9995b69fe24972bd1f9

commit 1bf5957c0e28cda26533b9995b69fe24972bd1f9
Author:     Conrad Kostecki <conikost@gentoo.org>
AuthorDate: 2021-07-20 23:27:56 +0000
Commit:     Conrad Kostecki <conikost@gentoo.org>
CommitDate: 2021-07-20 23:27:56 +0000

    app-text/aspell: drop old version
    
    Bug: https://bugs.gentoo.org/803113
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Conrad Kostecki <conikost@gentoo.org>

 app-text/aspell/aspell-0.60.8-r2.ebuild | 112 --------------------------------
 1 file changed, 112 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e8adb6ed480c4538fc561c348f5bab3d4410baa

commit 0e8adb6ed480c4538fc561c348f5bab3d4410baa
Author:     Conrad Kostecki <conikost@gentoo.org>
AuthorDate: 2021-07-20 23:26:08 +0000
Commit:     Conrad Kostecki <conikost@gentoo.org>
CommitDate: 2021-07-20 23:26:08 +0000

    app-text/aspell: fix CVE-2019-25051
    
    Debian also applied this upstream patch to their aspell package.
    
    Bug: https://bugs.gentoo.org/803113
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Conrad Kostecki <conikost@gentoo.org>

 app-text/aspell/aspell-0.60.8-r3.ebuild            | 113 +++++++++++++++++++++
 .../files/aspell-0.60.8-cve-2019-25051.patch       |  96 +++++++++++++++++
 2 files changed, 209 insertions(+)
Comment 2 Sam James archtester gentoo-dev Security 2021-07-21 05:14:49 UTC
Thank you! Let us know when ready to stable.
Comment 3 Conrad Kostecki gentoo-dev 2021-07-21 08:46:28 UTC
(In reply to Sam James from comment #2)
> Thank you! Let us know when ready to stable.

Already done, since this was only a patch, I revbumped with same keywords and dropped old one.
Comment 4 John Helmert III gentoo-dev Security 2021-07-21 21:43:08 UTC
(In reply to Conrad Kostecki from comment #3)
> (In reply to Sam James from comment #2)
> > Thank you! Let us know when ready to stable.
> 
> Already done, since this was only a patch, I revbumped with same keywords
> and dropped old one.

Thanks!