Bug#860460: marked as done (jbig2dec: CVE-2017-7885: heap-buffer-overflow by integer overflow to bypass the check in the function jbig2_decode_symbol_dict)
Your message dated Sat, 27 May 2017 12:32:38 +0000
with message-id <E1dEata-000Iut-An@fasolo.debian.org>
and subject line Bug#860460: fixed in jbig2dec 0.13-4~deb8u2
has caused the Debian Bug report #860460,
regarding jbig2dec: CVE-2017-7885: heap-buffer-overflow by integer overflow to bypass the check in the function jbig2_decode_symbol_dict
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
860460: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860460
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: jbig2dec: CVE-2017-7885: eap-buffer-overflow by integer overflow to bypass the check in the function jbig2_decode_symbol_dict
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Mon, 17 Apr 2017 11:19:50 +0200
- Message-id: <149242079022.18183.12534817079555880457.reportbug@eldamar.local>
Source: jbig2dec
Version: 0.13-4
Severity: important
Tags: security upstream
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697703
Control: found -1 0.13-4~deb8u1
Hi,
the following vulnerability was published for jbig2dec.
CVE-2017-7885[0]:
| Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to
| denial of service (application crash) or disclosure of sensitive
| information from process memory, because of an integer overflow in the
| jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in
| libjbig2dec.a during operation on a crafted .jb2 file.
There is the upstream report at [1], but details are currently not
provided to public, only in the PoC.zip which is password protected.
So might might need to wait for more information here, though I
alreayd filled the bugreport since we ship 0.13 based version, and the
issue was found there upstream.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-7885
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885
[1] https://bugs.ghostscript.com/show_bug.cgi?id=697703
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: jbig2dec
Source-Version: 0.13-4~deb8u2
We believe that the bug you reported is fixed in the latest version of
jbig2dec, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 860460@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated jbig2dec package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 16 May 2017 22:35:00 +0200
Source: jbig2dec
Binary: libjbig2dec0-dev libjbig2dec0 jbig2dec
Architecture: source
Version: 0.13-4~deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 860460 860787 860788
Description:
jbig2dec - JBIG2 decoder library - tools
libjbig2dec0 - JBIG2 decoder library - shared libraries
libjbig2dec0-dev - JBIG2 decoder library - development files
Changes:
jbig2dec (0.13-4~deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460)
* Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788)
* Bounds check before reading from image source data (CVE-2017-7976)
(Closes: #860787)
Checksums-Sha1:
a50833266dc9fe415549d27f0243425c0cd06b2d 2297 jbig2dec_0.13-4~deb8u2.dsc
fe48a2632bfef531b771b3469ddd4e4bd640dc69 25752 jbig2dec_0.13-4~deb8u2.debian.tar.xz
Checksums-Sha256:
7d7c3038f5989460cf31f8463dca25dc58b9754640032ff8dc0eac70737075a0 2297 jbig2dec_0.13-4~deb8u2.dsc
aa43ed412a7516d219385eac5e19569a2f5f996a76d641752b10c2baa971a576 25752 jbig2dec_0.13-4~deb8u2.debian.tar.xz
Files:
8c7092a134bafc8a231481bc5bca211c 2297 libs optional jbig2dec_0.13-4~deb8u2.dsc
634ce3c77a142ce53c18be1efada8df8 25752 libs optional jbig2dec_0.13-4~deb8u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkb2ZpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EpcYP/jhs5xfSYa6rI6uCpvXCJekOK0JSSJGK
fRVcvbhwDJBOc8ODBzBc8uqV4mxI+bORo+Fthmdukke0VGsTVyRqjL+rbXAJg7Qg
+248H1H3guGAcXwNB44pV6oU94a0q5+1x81gVZ84XY1khUF4vQ//S1mxI8IanXW5
mUrUhpahJAFAYFubT4yh4PRnhgwEILoAuTetlyWyRyUjhcxRJO0D/k3rTjlErQrk
GGbMDbeKvoJfrG9AuYmjfDmK4a51LnRV2FgWBqB157H48EfmsZDh8GkpPCe+Vtnr
mlB07pBJjLNRVs6IIlEaK0ldfaNiWHFZOCxwLeJoc9sq8Za1OAOMftkLF4jYJNDA
/DuAUnNDyxNCvraDzrMqEzEt9jD/EszHwfYE+mks88Hxxbv5PX1iuPy2vaEGaBZn
+7r/KBMaeoTE3Nggm20XI0Sv7LXmdeDujmMOk/N0+OLkF2yJ1FzkYA6H5kj6P/pB
5dBTOWP199NHF7dCLD57GD5d1iuHCy2VkLoPL2caLrw0cF031SgOq3v30ToDnt9Y
QbmHtmXYeEcgIpLIlAJE9gK/7tjWKWMTDdROJpLBG5ljA5UzNOmJmO9qyKUqKsfK
1DVfVXnm1O9WxvyqMeOP4Vg4pn5DCMFrKVGhntw9NqfY0KTy7GTemK/Z3YPk3NlY
NQX7hETmQN+9
=GyeA
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: