[Git][java-team/libitext5-java][master] 2 commits: Patch for infinite loop in PDF traversal CVE-2021-37819 (Closes: #1059320)

Tony Mancill (@tmancill) gitlab at salsa.debian.org
Sat Dec 23 05:04:59 GMT 2023



Tony Mancill pushed to branch master at Debian Java Maintainers / libitext5-java


Commits:
8826f321 by tony mancill at 2023-12-22T20:40:33-08:00
Patch for infinite loop in PDF traversal CVE-2021-37819 (Closes: #1059320)

- - - - -
73e22cea by tony mancill at 2023-12-22T20:44:31-08:00
Prepare changelog for upload

- - - - -


3 changed files:

- debian/changelog
- + debian/patches/0011-CVE-2021-37819.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,11 @@
+libitext5-java (5.5.13.3-4) unstable; urgency=medium
+
+  * Team upload.
+  * Patch for infinite loop in PDF traversal (Closes: #1059320)
+    Addresses CVE-2021-37819
+
+ -- tony mancill <tmancill at debian.org>  Fri, 22 Dec 2023 20:42:34 -0800
+
 libitext5-java (5.5.13.3-3) unstable; urgency=medium
 
   [ Andreas Tille ]


=====================================
debian/patches/0011-CVE-2021-37819.patch
=====================================
@@ -0,0 +1,19 @@
+Description: CVE-2021-37819 infinite loop during PDF page traversal
+Origin: https://gitlab.com/pdftk-java/pdftk/-/merge_requests/21/commits
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059320
+
+--- a/itext/src/main/java/com/itextpdf/text/pdf/PdfReader.java
++++ b/itext/src/main/java/com/itextpdf/text/pdf/PdfReader.java
+@@ -3991,6 +3991,12 @@
+                             kidsPR.remove(k);
+                         break;
+                     }
++                    int rpageObjectNumber = rpage.getNumber();
++                    PRIndirectReference kidObjIndirectRef = (PRIndirectReference)obj;
++                    int kidObjectNumber = kidObjIndirectRef.getNumber();
++                    if (rpageObjectNumber == kidObjectNumber) {
++                        throw new InvalidPdfException("Invalid reference on Kids: " + kidObjectNumber);
++                    }
+                     iteratePages((PRIndirectReference)obj);
+                 }
+                 popPageAttributes();
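Review bot: the new guard ahead of `iteratePages((PRIndirectReference)obj)` only compares the kid's object number with `rpage.getNumber()`, so it rejects a node that lists itself in its own Kids but not a longer cycle, such as a kid whose Kids entry points back to an ancestor of `rpage`. Nothing in this hunk stops that case from recursing. Consider tracking the object numbers already on the traversal path and throwing the same `InvalidPdfException` when a kid is found among them, which covers the self-reference case as well. In the patch header, the `Origin:` field points at the merge request's commit list rather than a single commit; naming the exact commit would make the patch easier to trace when it is next refreshed.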


=====================================
debian/patches/series
=====================================
@@ -6,3 +6,4 @@ skip_test_requiring_xserver.patch
 0008-Update-CompareToolTests.patch
 0009-Fix-OUTFOLDER-so-it-s-separated-from-the-fileName.patch
 0010-bouncycastle-177.patch
+0011-CVE-2021-37819.patch



View it on GitLab: https://salsa.debian.org/java-team/libitext5-java/-/compare/65b04cb718b7594874148e870c96cb2f50d02b99...73e22cea2742f51cc65fbf6c6e942b37f5d37170
