Bug 19667

Summary: JBIG2 Processing Multiple Security Vulnerabilities
Product: Sisyphus Reporter: Vladimir Lettiev <crux>
Component: kdegraphicsAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: dottedmag
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: https://rhn.redhat.com/errata/RHSA-2009-0431.html

Description Vladimir Lettiev 2009-04-18 15:10:04 MSD 
Множество уязвимостей найдено в компоненте KPDF, код которого базируется на xdf:
CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg)
CVE-2009-0147 xpdf: Multiple integer overflows in JBIG2 decoder
CVE-2009-0166 xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder
CVE-2009-0799 PDF JBIG2 decoder OOB read
CVE-2009-0800 PDF JBIG2 multiple input validation flaws
CVE-2009-1179 PDF JBIG2 integer overflow
CVE-2009-1180 PDF JBIG2 invalid free()
CVE-2009-1181 PDF JBIG2 NULL dereference
CVE-2009-1182 PDF JBIG2 MMR decoder buffer overflows
CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS

Апстримом xpdf выпущен патч: ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl3.patch
Comment 1 Mikhail Gusarov 2009-04-18 15:10:48 MSD 
security -> blocker
Comment 2 Vladimir Lettiev 2009-04-21 01:56:41 MSD 
JFYI, развернул у себя ветку security_fixes, где приложил скорректированный патч от xpdf:
http://git.altlinux.org/people/crux/packages/?p=kdegraphics.git;a=commit;h=0592840ed99d1d75ca0da033e022fb60d08774bd
Comment 3 Sergey V Turchin 2009-04-22 14:02:33 MSD 
kdegraphics-3.5.10-alt2
Comment 4 Vladimir Lettiev 2009-04-22 16:58:27 MSD 
ack