
Bug#770166: Several crashes opening malformed files



Hi,

On 2014-11-19 15:11, Rene Engelhard wrote:
> On Wed, Nov 19, 2014 at 01:26:54PM +0300, Alexander Cherepanov wrote:
>> Package: libreoffice
>> Version: 1:3.5.4+dfsg2-0+deb7u2
>>
>> Please note that there are several crashes in the version of
>> LibreOffice shipped with Debian wheezy. Issues are reported
>> upstream, the list is here:
>>
>> http://www.openwall.com/lists/oss-security/2014/11/19/3
>
> Aha. Hangs and crashes only

Not sure what you mean. If you talk about master -- maybe. But for 3.5.4 https://bugs.freedesktop.org/show_bug.cgi?id=86449 (and the list linked above) clearly says "potentially exploitable". Do you disagree with this assessment and need an actual exploit?

>  - and then oss-security?

Why not? At least it could serve as additional data for an ongoing discussion there about fuzzing and software quality.

> FWIW, I agree with Michael here.
>
> If you would care about those issues for everyone this simply would mean
> that for all reverse-engineered/proprietary formats every bug in this
> case would be a security

Yes, that would be a security issue. What is surprising about it? Should it be any different from, e.g., browsers?

> update with all the brimborium and DSA etc. No,
> that's not sensible, I think.

How to deal with it is an entirely different question. One can think about various possible solutions -- from adding a "Known bugs" section to the man page stating "Opening a file in LO that you get by email can cause you to lose the work you are doing in another LO window or your computer to be pwned." to disabling some input filters by default (and caring about other filters).

> Unless someone proves this has real impact _and has patches_

As of now, some of the mentioned issues are already fixed upstream. Not sure how easy it would be to backport fixes though.

> I am not going to care.  This is in a dead-upstream version anyway.

If there is nobody who cares enough about LO to join you supporting it in Stable perhaps it should be EOLed similar to Iceweasel?

And now seems to be a good time to think about it for the next release cycle.

--
Alexander Cherepanov

