[SECURITY] [DLA 2168-1] libplist security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2168-1] libplist security update
From: Dylan Aïssi <daissi@debian.org>
Date: Thu, 2 Apr 2020 10:02:22 +0200
Message-id: <[🔎] CA+6XHwR=+UrU__V_Bosaao0pQygBGDZXZWMh2k-Q+zdQOtreOA@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libplist
Version        : 1.11-3+deb8u1
CVE ID         : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835
                 CVE-2017-6435 CVE-2017-6436 CVE-2017-6439 CVE-2017-7982
Debian Bug     : 851196 852385 854000 860945


libplist is a library for reading and writing the Apple binary and XML
property lists format. It's part of the libimobiledevice stack, providing
access to iDevices (iPod, iPhone, iPad ...).

CVE-2017-5209

    The base64decode function in base64.c allows attackers to obtain sensitive
    information from process memory or cause a denial of service (buffer
    over-read) via split encoded Apple Property List data.

CVE-2017-5545

    The main function in plistutil.c allows attackers to obtain sensitive
    information from process memory or cause a denial of service (buffer
    over-read) via Apple Property List data that is too short.

CVE-2017-5834

    The parse_dict_node function in bplist.c allows attackers to cause a denial
    of service (out-of-bounds heap read and crash) via a crafted file.

CVE-2017-5835

    libplist allows attackers to cause a denial of service (large memory
    allocation and crash) via vectors involving an offset size of zero.

CVE-2017-6435

    The parse_string_node function in bplist.c allows local users to cause a
    denial of service (memory corruption) via a crafted plist file.

CVE-2017-6436

    The parse_string_node function in bplist.c allows local users to cause a
    denial of service (memory allocation error) via a crafted plist file.

CVE-2017-6439

    Heap-based buffer overflow in the parse_string_node function in bplist.c
    allows local users to cause a denial of service (out-of-bounds write) via
    a crafted plist file.

CVE-2017-7982

    Integer overflow in the plist_from_bin function in bplist.c allows remote
    attackers to cause a denial of service (heap-based buffer over-read and
    application crash) via a crafted plist file.

For Debian 8 "Jessie", these problems have been fixed in version
1.11-3+deb8u1.

We recommend that you upgrade your libplist packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmjwHvQbeL0FugTpdYS7xYT4FD1QFAl6Fm5QACgkQYS7xYT4F
D1T6Ow//TDn8f6all78wxwayx+WTCPASckG2Rb+IDCW1GEyfmUIBwGqFGYMT0vlF
NZeZzvda+o3SoWfM9CYEa7NYgMqQBkL3NlZyjw0Ttd8ACb2HG8/N2oQiTAFsT6/5
3ABTVlLcpULTd2m1sNruY1jzpXY2cUCpNAozaH8s8EiMNibEOiO553RJ1tD8mGg6
g9dcwy4xP1rWGCrXrCON4hbNdrEcFfM/K2Cz2aZujJyDF3kcS14dqVfT6xUDEnaZ
Lj7Zp0PVZ29ij6F4uE7ALYLxwjqWObY3Vepb76MuEWhcWrDLpbw3RIKHKGR0wBka
Cavt9EGDIKUeBVFAT7CeSwThwueyHlUZqBysDlpI3XoYE/rxS5UOB++sIXO1zbnK
4na/CvN49D8EVKmWUxiBjdJrdws4reREvcl628ZOR40i10qBcFCw4+J93CL+kbhM
Dd1mSYg+JBVBj5dFsX+foFLZaGDzFJrSjyG6dU6AyEggQkkzBWxeSyh6jTb2SdkO
HehEKqsyJiVmgDiewX68xQmaR3jAb2HezzQbvL52giMm7CIrnC3fgkihuDoyby9s
/wLDhQXng74VCArbEVI0UCedt5Cd+j3oLe5TfFjZ6WuxcaMSkW1CUbFaphoVW/iy
I4Jhn7Z7T2fxuo6upsb3A7rXrVqUcnnqq1hxAsZOFtHVXdgbfA0=
=x5+z
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2167-1] python-bleach security update
Next by Date: [SECURITY] [DLA 2169-1] libmtp security update
Previous by thread: [SECURITY] [DLA 2167-1] python-bleach security update
Next by thread: [SECURITY] [DLA 2169-1] libmtp security update
Index(es):
- Date
- Thread