libcroco: CVE-2017-7960 CVE-2017-7961


Debian Bug report logs - #860961

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sat, 22 Apr 2017 17:54:02 UTC

Severity: important

Tags: patch, security, upstream

Found in version libcroco/0.6.8-3

Fixed in version libcroco/0.6.11-3

Done: Emilio Pozuelo Monfort <pochu@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#860961; Package src:libcroco. (Sat, 22 Apr 2017 17:54:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Sat, 22 Apr 2017 17:54:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libcroco: CVE-2017-7960 CVE-2017-7961
Date: Sat, 22 Apr 2017 19:52:56 +0200
Source: libcroco
Version: 0.6.8-3
Severity: important
Tags: security upstream patch

Hi,

the following vulnerabilities were published for libcroco.

CVE-2017-7960[0]:
| The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and
| 0.6.12 allows remote attackers to cause a denial of service (heap-based
| buffer over-read) via a crafted CSS file.

CVE-2017-7961[1]:
| The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and
| 0.6.12 has an "outside the range of representable values of type long"
| undefined behavior issue, which might allow remote attackers to cause a
| denial of service (application crash) or possibly have unspecified
| other impact via a crafted CSS file.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-7960
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7960
    https://git.gnome.org/browse/libcroco/commit/?id=898e3a8c8c0314d2e6b106809a8e3e93cf9d4394
[1] https://security-tracker.debian.org/tracker/CVE-2017-7961
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7961
    https://git.gnome.org/browse/libcroco/commit/?id=9ad72875e9f08e4c519ef63d44cdbd94aa9504f7

Regards,
Salvatore



Added tag(s) pending. Request was from Emilio Pozuelo Monfort <pochu@debian.org> to control@bugs.debian.org. (Sun, 23 Apr 2017 11:21:07 GMT)


Reply sent to Emilio Pozuelo Monfort <pochu@debian.org>:
You have taken responsibility. (Sun, 23 Apr 2017 11:36:04 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 23 Apr 2017 11:36:04 GMT)


Message #12 received at 860961-close@bugs.debian.org:

From: Emilio Pozuelo Monfort <pochu@debian.org>
To: 860961-close@bugs.debian.org
Subject: Bug#860961: fixed in libcroco 0.6.11-3
Date: Sun, 23 Apr 2017 11:33:54 +0000
Source: libcroco
Source-Version: 0.6.11-3

We believe that the bug you reported is fixed in the latest version of
libcroco, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 860961@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Emilio Pozuelo Monfort <pochu@debian.org> (supplier of updated libcroco package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Sun, 23 Apr 2017 13:17:31 +0200
Source: libcroco
Binary: libcroco3-dev libcroco3 libcroco-tools
Architecture: source
Version: 0.6.11-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Emilio Pozuelo Monfort <pochu@debian.org>
Description:
 libcroco-tools - Cascading Style Sheet (CSS) parsing and manipulation toolkit - ut
 libcroco3  - Cascading Style Sheet (CSS) parsing and manipulation toolkit
 libcroco3-dev - Cascading Style Sheet (CSS) parsing and manipulation toolkit
Closes: 860961
Changes:
 libcroco (0.6.11-3) unstable; urgency=medium
 .
   * CVE-2017-7960-heap-buffer-overflow.patch:
     - CVE-2017-7960: check end of input before reading from buffer.
   * CVE-2017-7961-double-to-long-check.patch:
     - CVE-2017-7961: check color value before converting to long.
   * The above closes: #860961.


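The two fixes named in the changelog above, an end-of-input check before reading from the buffer (CVE-2017-7960) and a range check on the colour value before it is converted to long (CVE-2017-7961), are the same defensive move: validate before the operation that would otherwise run off the buffer or be undefined. The C below is an added illustration of that pattern, not libcroco's code; the input_t reader, fits_long, checked_rgb_component and the sample CSS string are constructed stand-ins, and the percentage scaling and 0..255 clipping follow CSS rather than anything stated in this report.

```c
#include <limits.h>
#include <stddef.h>

/* Constructed stand-in (not libcroco's cr_input) for a byte reader over a CSS buffer. */
typedef struct {
    const unsigned char *buf;
    size_t size;   /* bytes actually present in buf */
    size_t next;   /* index of the next byte to hand out */
} input_t;

/* Hands out the next byte only while the cursor is inside the buffer. Without the
 * size check a caller that keeps reading at end of input walks past the allocation. */
int input_read_byte(input_t *in, unsigned char *out)
{
    if (in->next >= in->size)
        return -1;                  /* end of input, nothing dereferenced */
    *out = in->buf[in->next++];
    return 0;
}

/* Drains the reader and returns how many bytes it handed out: exactly size, never more. */
size_t count_readable(const unsigned char *buf, size_t size)
{
    input_t in = { buf, size, 0 };
    unsigned char c;
    size_t n = 0;
    while (input_read_byte(&in, &c) == 0) n++;
    return n;
}

/* A double-to-long cast is undefined behaviour when the value lies outside long's
 * range, so test the range first. -(double)LONG_MIN is exactly 2^63 (2^31 on a 32-bit
 * long), hence the strict "<"; NaN compares unequal to itself and is rejected too. */
int fits_long(double v)
{
    return v == v && v >= (double)LONG_MIN && v < -(double)LONG_MIN;
}

/* Models one rgb() component: a plain number, or a percentage scaled to 0..255. Returns
 * -1 when the value is not representable as long; otherwise casts, then clips to 0..255. */
long checked_rgb_component(double num, int is_percent)
{
    double v = is_percent ? num * 255.0 / 100.0 : num;
    if (!fits_long(v))
        return -1;                  /* refuse instead of casting out of range */
    long l = (long)v;               /* now well defined */
    return l < 0 ? 0 : (l > 255 ? 255 : l);
}

static const unsigned char sample_css[] = "a{color:rgb(1,2,3)}"; /* constructed input */
```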



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 28 May 2017 07:28:24 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:16:00 2019; Machine Name: beach
