Debian Bug report logs -
#898133
libgxps: CVE-2018-10767: Stack Buffer Overflow in calling glib in gxps_images_guess_content_type of gcontenttype.c
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 7 May 2018 18:36:02 UTC
Severity: important
Tags: security, upstream
Found in version libgxps/0.2.2-3
Fixed in versions libgxps/0.3.0-3, libgxps/0.3.1-1
Done: Jeremy Bicha <jbicha@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, team@security.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#898133; Package src:libgxps.
(Mon, 07 May 2018 18:36:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, team@security.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>.
(Mon, 07 May 2018 18:36:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: libgxps
Version: 0.2.2-3
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for libgxps.
CVE-2018-10767[0]:
| There is a stack-based buffer over-read in calling GLib in the function
| gxps_images_guess_content_type of gxps-images.c in libgxps through
| 0.3.0 because it does not reject negative return values from a
| g_input_stream_read call. A crafted input will lead to a remote denial
| of service attack.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-10767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10767
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1575188
Regards,
Salvatore
Reply sent
to Jeremy Bicha <jbicha@debian.org>:
You have taken responsibility.
(Sat, 05 Jan 2019 15:09:09 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Sat, 05 Jan 2019 15:09:09 GMT) (full text, mbox, link).
Message #10 received at 898133-close@bugs.debian.org (full text, mbox, reply):
Source: libgxps
Source-Version: 0.3.1-1
We believe that the bug you reported is fixed in the latest version of
libgxps, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 898133@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jeremy Bicha <jbicha@debian.org> (supplier of updated libgxps package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 05 Jan 2019 09:33:11 -0500
Source: libgxps
Binary: libgxps2 libgxps-dev libgxps-utils libgxps-doc gir1.2-gxps-0.1
Architecture: source
Version: 0.3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Jeremy Bicha <jbicha@debian.org>
Description:
gir1.2-gxps-0.1 - GObject introspection data for the gxps library
libgxps-dev - handling and rendering XPS documents (development files)
libgxps-doc - library for handling and rendering XPS documents (documentation)
libgxps-utils - handling and rendering XPS documents (utilities)
libgxps2 - handling and rendering XPS documents (library)
Closes: 898133
Changes:
libgxps (0.3.1-1) unstable; urgency=medium
.
* New upstream release
- This release also includes the fixes we cherry-picked in 0.3.0-3 for
CVE-2018-10767 (Closes: #898133)
* Drop all patches: applied in new release
* Bump minimum meson to 0.43.0
Checksums-Sha1:
e85d99e0e7e5ea9479bdad4025f85d0317ea58c2 2499 libgxps_0.3.1-1.dsc
f6682287ea85b57d77fc7a5586f615eef4e69012 93132 libgxps_0.3.1.orig.tar.xz
535a75d785865277d0827bca4bff2bc40bd22ab5 4920 libgxps_0.3.1-1.debian.tar.xz
b56d93efd2aaf257d2c38f92f407d9fbd91b2fdb 17839 libgxps_0.3.1-1_source.buildinfo
Checksums-Sha256:
af91145fc9cbcdf742a26663e7451d3edb21e53061d5dee3b6f095daa013258d 2499 libgxps_0.3.1-1.dsc
1a939fc8fcea9471b7eca46b1ac90cff89a30d26f65c7c9a375a4bf91223fa94 93132 libgxps_0.3.1.orig.tar.xz
b18c39811c901571336a17c4cad976e7e870463694ef5e3c543b44a8a206c570 4920 libgxps_0.3.1-1.debian.tar.xz
38d8dc1745c6928f9716ce613f6f921cfbc7d667fda6a2c3b5126a56e504ffee 17839 libgxps_0.3.1-1_source.buildinfo
Files:
b7216f4dfb474280eb390812b7f5dcd8 2499 libs optional libgxps_0.3.1-1.dsc
ade83c264b3af2551a0dff9144478df8 93132 libs optional libgxps_0.3.1.orig.tar.xz
9d208b6407b10e81b85efe653966bbf6 4920 libs optional libgxps_0.3.1-1.debian.tar.xz
ed695db9a026d2438847619296f4e835 17839 libs optional libgxps_0.3.1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAlwwwGUACgkQ5mx3Wuv+
bH0ZTg/+ICxkmIuX3vk5hNf0goBuu22xp31J1g5Vp/gQ5D1xOFmpNl1PxJVl+TFN
HTpO6yUEpXVjFVXsHhrnAMIEnPAtuMvKSAP/Gsk0C0lbqgpyTLk355kDYN7y5bRu
362LceJ1+dNa/umqFUbjGIsl0Nr1u9jkqBxf/wCyiEINNaxjiHpMOStKJob1KoUw
oqX72V9PmU4WPlKgfpHyak4FveQa5cd2uiY8OyU7mAiqAnicqpot7LXUA18oY1Ed
eIRrgrfk/6QWuHI7aFPkF5kB1WzNwQLsFpxGf3Wl7mh4Z5l8jqcUlkBfmLnCRBKs
U8Y4PWDTlh+97tT80sDd4sqgHs1uOnn6CONewjUk+cXIBHdxUbtZDXLVn2gzzxBK
WjQD2vSpOVLEaztFwHcntX0NIMI915MDakRkvcgjRalANadEqTR+Q8dpe9hSXPnr
JujhwqcJZ8d6RembtGiSq1zHdRXDdDSM4XUFIs2/e0dK4WKxEsM311oIbiC7ehry
XKosMfSK3R0IRaUSONOrSUAoF7UQ69vdS4khsyl6rFKQAYnuKw4s1lMlRSc+G06l
jU1kEz8fykxbRDlEraScJPS9806gW6RKDpxvA4Y8EQiAEcfFT3uaqE4AzvUXrYwK
ErvOuvqIhRNUKwnonS3+o6pKhV7Jptmv7HvHiZyIGzRxYVizeiA=
=p+hc
-----END PGP SIGNATURE-----
Marked as fixed in versions libgxps/0.3.0-3.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sat, 05 Jan 2019 16:39:04 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Fri, 08 Feb 2019 07:28:25 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:26:12 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon