Debian Bug report logs -
#860788
jbig2dec: CVE-2017-7975: Out-of-bound memory write vulnerability due to integer overflow in function jbig2_build_huffman_table
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Printing Team <debian-printing@lists.debian.org>:
Bug#860788; Package src:jbig2dec.
(Thu, 20 Apr 2017 06:18:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Printing Team <debian-printing@lists.debian.org>.
(Thu, 20 Apr 2017 06:18:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: jbig2dec
Version: 0.13-4
Severity: important
Tags: upstream security
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697693
Control: found -1 0.13-4~deb8u1
Hi,
the following vulnerability was published for jbig2dec.
CVE-2017-7975[0]:
| Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds
| writes because of an integer overflow in the jbig2_build_huffman_table
| function in jbig2_huffman.c during operations on a crafted JBIG2 file,
| leading to a denial of service (application crash) or possibly
| execution of arbitrary code.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-7975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975
[1] https://bugs.ghostscript.com/show_bug.cgi?id=697693
Regards,
Salvatore
Marked as found in versions jbig2dec/0.13-4~deb8u1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org.
(Thu, 20 Apr 2017 06:18:04 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Printing Team <debian-printing@lists.debian.org>:
Bug#860788; Package src:jbig2dec.
(Wed, 10 May 2017 18:51:16 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Printing Team <debian-printing@lists.debian.org>.
(Wed, 10 May 2017 18:51:16 GMT) (full text, mbox, link).
Message #12 received at 860788@bugs.debian.org (full text, mbox, reply):
Control: tags -1 + fixed-upstream
On Thu, Apr 20, 2017 at 08:15:29AM +0200, Salvatore Bonaccorso wrote:
> Source: jbig2dec
> Version: 0.13-4
> Severity: important
> Tags: upstream security
> Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697693
> Control: found -1 0.13-4~deb8u1
>
> Hi,
>
> the following vulnerability was published for jbig2dec.
>
> CVE-2017-7975[0]:
> | Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds
> | writes because of an integer overflow in the jbig2_build_huffman_table
> | function in jbig2_huffman.c during operations on a crafted JBIG2 file,
> | leading to a denial of service (application crash) or possibly
> | execution of arbitrary code.
Fixed in
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5e57e483298dae8b
Regards,
Salvatore
Added tag(s) fixed-upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 860788-submit@bugs.debian.org.
(Wed, 10 May 2017 18:51:16 GMT) (full text, mbox, link).
Added tag(s) patch.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 860460-submit@bugs.debian.org.
(Tue, 16 May 2017 19:39:13 GMT) (full text, mbox, link).
Added tag(s) pending.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 860460-submit@bugs.debian.org.
(Tue, 16 May 2017 19:39:14 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Printing Team <debian-printing@lists.debian.org>:
Bug#860788; Package src:jbig2dec.
(Tue, 16 May 2017 19:39:17 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Printing Team <debian-printing@lists.debian.org>.
(Tue, 16 May 2017 19:39:18 GMT) (full text, mbox, link).
Message #23 received at 860788@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Control: tags 860460 + patch
Control: tags 860460 + pending
Control: tags 860787 + patch
Control: tags 860787 + pending
Control: tags 860788 + patch
Control: tags 860788 + pending
Dear maintainer,
I've prepared an NMU for jbig2dec (versioned as 0.13-4.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards,
Salvatore
[jbig2dec-0.13-4.1-nmu.diff (text/x-diff, attachment)]
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Wed, 17 May 2017 09:12:08 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Wed, 17 May 2017 09:12:08 GMT) (full text, mbox, link).
Message #28 received at 860788-close@bugs.debian.org (full text, mbox, reply):
Source: jbig2dec
Source-Version: 0.13-4.1
We believe that the bug you reported is fixed in the latest version of
jbig2dec, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 860788@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated jbig2dec package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 16 May 2017 20:08:21 +0200
Source: jbig2dec
Binary: libjbig2dec0-dev libjbig2dec0 jbig2dec
Architecture: source
Version: 0.13-4.1
Distribution: unstable
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 860460 860787 860788
Description:
jbig2dec - JBIG2 decoder library - tools
libjbig2dec0 - JBIG2 decoder library - shared libraries
libjbig2dec0-dev - JBIG2 decoder library - development files
Changes:
jbig2dec (0.13-4.1) unstable; urgency=high
.
* Non-maintainer upload.
* Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460)
* Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788)
* Bounds check before reading from image source data (CVE-2017-7976)
(Closes: #860787)
Checksums-Sha1:
280a61fcbe3beeaa369ab0b0c5b0c1122772ff15 2291 jbig2dec_0.13-4.1.dsc
9c9c38fe026410501e7a8e0d1577196411af854e 25568 jbig2dec_0.13-4.1.debian.tar.xz
Checksums-Sha256:
4fca01f41a817e412d79fa4148567f9945594d02b0f45b02ec307908d66a5f73 2291 jbig2dec_0.13-4.1.dsc
41114245b7410a03196c5f7def10efa78c9da12b4bac9d21d6fbe96ded4232dd 25568 jbig2dec_0.13-4.1.debian.tar.xz
Files:
493146b382b4f9b61478e6832356bbb4 2291 libs optional jbig2dec_0.13-4.1.dsc
6770cc5dd5ae16609b8121129e4a4a03 25568 libs optional jbig2dec_0.13-4.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkbQLdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EeuUP/iq2UeXE7crDsjnuVdJ8oofNCAPQPAnf
z/F1kH19QsHOjGL3KycMuitcH6vVvClP1+LmoxCGUaH0a9Sm0jiU3zsj/k7D+PDO
I0FVk7OnwVqUgUhNlZNaM+1gQ7PZtgV/jVEW1l5cElGOe99H7YWi5lEylXEjnV1S
+Zvch0E7PdKtXljONXwTj9IfEVztRqkHIWSdnySUjahXzgkUsFt5N7dEJ2d9bRPU
7+jEoKpW340N4IJsJiTb6UxZ8Nwp3xZ53YEfQt5ndXAPIsEGRK5IE0cdot1tZ9Dh
B5LeoJeYxjZrePgqqiTlBE/LtqJxYhk4V1TlM38rE335q9C+H9yWCYVMOoL19vp3
PSQnzDAjmiihXaUkT7AaVEHmy/FdUwExsNSgN/ydzG24kpWk1GI3iYwCi1YKIw2D
Yhi9dhjV5b5XqX/qHcVtI7UbfNCbuYR7YKxt7D5fyR2Ldmfz+ERDXMqiVIoi6Ew4
886d7X+vHbwV8Q0AJo8rYNimvVb2VcMyaTsvC3DTubsKayYvb3QxETAUUBm8Lx85
+3Zrxxp8zDlNhgYwgZznHQ51q4PbPQuxn6eI03GKaN7+/3JxiwLVipDmMeXncUi6
b+LOMaZHHiO8u1CY4RLn9R140CBBRKnuIACXYzh7T+qFMTzRt1YEXuQnuSFVmHoz
FBUQ0thQ89y2
=6k3l
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Sat, 27 May 2017 12:36:27 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Sat, 27 May 2017 12:36:27 GMT) (full text, mbox, link).
Message #33 received at 860788-close@bugs.debian.org (full text, mbox, reply):
Source: jbig2dec
Source-Version: 0.13-4~deb8u2
We believe that the bug you reported is fixed in the latest version of
jbig2dec, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 860788@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated jbig2dec package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 16 May 2017 22:35:00 +0200
Source: jbig2dec
Binary: libjbig2dec0-dev libjbig2dec0 jbig2dec
Architecture: source
Version: 0.13-4~deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 860460 860787 860788
Description:
jbig2dec - JBIG2 decoder library - tools
libjbig2dec0 - JBIG2 decoder library - shared libraries
libjbig2dec0-dev - JBIG2 decoder library - development files
Changes:
jbig2dec (0.13-4~deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460)
* Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788)
* Bounds check before reading from image source data (CVE-2017-7976)
(Closes: #860787)
Checksums-Sha1:
a50833266dc9fe415549d27f0243425c0cd06b2d 2297 jbig2dec_0.13-4~deb8u2.dsc
fe48a2632bfef531b771b3469ddd4e4bd640dc69 25752 jbig2dec_0.13-4~deb8u2.debian.tar.xz
Checksums-Sha256:
7d7c3038f5989460cf31f8463dca25dc58b9754640032ff8dc0eac70737075a0 2297 jbig2dec_0.13-4~deb8u2.dsc
aa43ed412a7516d219385eac5e19569a2f5f996a76d641752b10c2baa971a576 25752 jbig2dec_0.13-4~deb8u2.debian.tar.xz
Files:
8c7092a134bafc8a231481bc5bca211c 2297 libs optional jbig2dec_0.13-4~deb8u2.dsc
634ce3c77a142ce53c18be1efada8df8 25752 libs optional jbig2dec_0.13-4~deb8u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkb2ZpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EpcYP/jhs5xfSYa6rI6uCpvXCJekOK0JSSJGK
fRVcvbhwDJBOc8ODBzBc8uqV4mxI+bORo+Fthmdukke0VGsTVyRqjL+rbXAJg7Qg
+248H1H3guGAcXwNB44pV6oU94a0q5+1x81gVZ84XY1khUF4vQ//S1mxI8IanXW5
mUrUhpahJAFAYFubT4yh4PRnhgwEILoAuTetlyWyRyUjhcxRJO0D/k3rTjlErQrk
GGbMDbeKvoJfrG9AuYmjfDmK4a51LnRV2FgWBqB157H48EfmsZDh8GkpPCe+Vtnr
mlB07pBJjLNRVs6IIlEaK0ldfaNiWHFZOCxwLeJoc9sq8Za1OAOMftkLF4jYJNDA
/DuAUnNDyxNCvraDzrMqEzEt9jD/EszHwfYE+mks88Hxxbv5PX1iuPy2vaEGaBZn
+7r/KBMaeoTE3Nggm20XI0Sv7LXmdeDujmMOk/N0+OLkF2yJ1FzkYA6H5kj6P/pB
5dBTOWP199NHF7dCLD57GD5d1iuHCy2VkLoPL2caLrw0cF031SgOq3v30ToDnt9Y
QbmHtmXYeEcgIpLIlAJE9gK/7tjWKWMTDdROJpLBG5ljA5UzNOmJmO9qyKUqKsfK
1DVfVXnm1O9WxvyqMeOP4Vg4pn5DCMFrKVGhntw9NqfY0KTy7GTemK/Z3YPk3NlY
NQX7hETmQN+9
=GyeA
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 25 Jun 2017 07:28:51 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:13:08 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon