CVE-2020-36281: Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.
CVE-2020-36277: Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c CVE-2020-36278: Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. CVE-2020-36279: Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c. CVE-2020-36280: Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c
I understand we have 1.80.0 in tree since last August.
Please run the tests when stabilising.
amd64 done
x86 done
arm64 done
ppc done
ppc64 done
arm done all arches done
Please cleanup, thanks!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6c29e1f27e5073deee0636184b3a27677978ba4 commit d6c29e1f27e5073deee0636184b3a27677978ba4 Author: James Le Cuirot <chewi@gentoo.org> AuthorDate: 2021-05-30 17:59:49 +0000 Commit: James Le Cuirot <chewi@gentoo.org> CommitDate: 2021-05-30 17:59:49 +0000 media-libs/leptonica: Drop old and vulnerable 1.74.4 Bug: https://bugs.gentoo.org/775629 Package-Manager: Portage-3.0.19, Repoman-3.0.3 Signed-off-by: James Le Cuirot <chewi@gentoo.org> media-libs/leptonica/Manifest | 1 - media-libs/leptonica/files/baseline_reg.patch | 22 ---------- media-libs/leptonica/leptonica-1.74.4.ebuild | 63 --------------------------- 3 files changed, 86 deletions(-)
Thanks!
GLSA request filed.
This issue was resolved and addressed in GLSA 202107-53 at https://security.gentoo.org/glsa/202107-53 by GLSA coordinator John Helmert III (ajak).