[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information for CVE-2017-17858/mupdf

Salvatore Bonaccorso carnil at debian.org
Thu Jan 25 23:03:54 UTC 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a4a65c3 by Salvatore Bonaccorso at 2018-01-26T00:03:29+01:00
Update information for CVE-2017-17858/mupdf

To reviewers: double check this update since the
http://git.ghostscript.com/?p=mupdf.git;a=commit;h=f595e889b91a674eb94db7ca4d832da54f5194cd
is involved and I might have missed something which makes the issue
only be covered before. Before that change, though, the offsets are
already checked if they are out of range, ofs of type fz_off_t.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6764,9 +6764,11 @@ CVE-2017-17860 (In Samsung Gear products, Bluetooth link key is updated to the .
 CVE-2017-17859 (Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass ...)
 	NOT-FOR-US: Samsung Internet Browser
 CVE-2017-17858 (Heap-based buffer overflow in the ensure_solid_xref function in ...)
-	- mupdf <unfixed>
+	- mupdf <not-affected> (Vulnerable code introduced in 1.11.1)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698819 (not public)
-	NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731
+	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731
+	NOTE: Commit http://git.ghostscript.com/?p=mupdf.git;a=commit;h=f595e889b91a674eb94db7ca4d832da54f5194cd
+	NOTE: switches to use int64_t for public file API offsets and introduced the flaw.
 	NOTE: https://github.com/mzet-/Security-Advisories/blob/master/mzet-adv-2017-01.md
 CVE-2017-17851
 	RESERVED
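
Review bot: the new `- mupdf <not-affected> (Vulnerable code introduced in 1.11.1)` line states a version, but the added NOTE lines only tie the introduction to commit f595e889b91a674eb94db7ca4d832da54f5194cd and never say which release first contains that commit, so the 1.11.1 claim cannot be checked from the entry itself. Consider adding a NOTE that names the first tagged release containing that commit, which would also help address the commit message's own request to double check, given that it says out-of-range checks on ofs already existed before the change. Minor style point on the two-line NOTE: "switches to use int64_t ... and introduced the flaw" mixes tenses, and the sentence is split across two NOTE lines with the URL in the middle, which makes it harder to grep; "NOTE: Introduced by: <url> (switch to int64_t for public file API offsets)" would mirror the "Fixed by:" line above it.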



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6a4a65c33f5e2b6bf8ba67c22b0dde0357975821
