Bug#909802: poppler: CVE-2018-16646 denial-of-service via crafted file
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Wed Dec 12 14:59:44 GMT 2018
Hi Moritz,
On Mi 12 Dez 2018 11:46:32 CET, Moritz Mühlenhoff wrote:
> On Thu, Nov 08, 2018 at 10:51:37AM +0000, Mike Gabriel wrote:
>> Hi Moritz,
>>
>> On Di 06 Nov 2018 17:14:35 CET, Moritz Mühlenhoff wrote:
>>
>> > On Fri, Sep 28, 2018 at 08:32:25PM +0200, Markus Koschany wrote:
>> > > Package: poppler
>> > > X-Debbugs-CC: team at security.debian.org
>> > > Severity: important
>> > > Tags: security
>> > >
>> > > Hi,
>> > >
>> > > The following vulnerability was published for poppler.
>> > >
>> > > CVE-2018-16646[0]:
>> > > | In Poppler 0.68.0, the Parser::getObj() function in Parser.cc
>> may cause
>> > > | infinite recursion via a crafted file. A remote attacker can leverage
>> > > | this for a DoS attack.
>> >
>> > For jessie the wrong patches got applied. They are based on MR 67, which
>> > didn't get merged in favour of the patch from MR 91.
>> >
>> > On a more general notice: This bug has virtually no security impact, it's
>> > hard too see why this change was made for an LTS release to begin with,
>> > but at least wait until it's applied/fixed in unstable before backporting.
>>
>> Not security, but functionality.
>
> Of which there have been hundreds of other since the version in jessie
> was released, anyway let's not digress, the point of my followup is
> to notify you of regression in the security fix for CVE-2018-16646. I've
> just added links to the relevant upstream commits to the security tracker.
> These seem also needed in jessie.
>
> Cheers,
> Moritz
Thanks for letting me know. Regresion fix upload to jessie is on its way...
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: Digitale PGP-Signatur
URL: <http://alioth-lists.debian.net/pipermail/pkg-freedesktop-maintainers/attachments/20181212/c944ad6d/attachment.sig>
More information about the Pkg-freedesktop-maintainers
mailing list