[Git][java-team/libitext-java][master] 2 commits: Patch for infinite loop in PDF traversal CVE-2021-37819 (Closes: #1059318)
Tony Mancill (@tmancill)
gitlab at salsa.debian.org
Sat Dec 23 05:41:06 GMT 2023
Tony Mancill pushed to branch master at Debian Java Maintainers / libitext-java
Commits:
3c1c0e46 by tony mancill at 2023-12-22T21:30:47-08:00
Patch for infinite loop in PDF traversal CVE-2021-37819 (Closes: #1059318)
- - - - -
a522237c by tony mancill at 2023-12-22T21:36:37-08:00
Prepare changelog for upload
- - - - -
3 changed files:
- debian/changelog
- + debian/patches/07_CVE-2021-37819.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,11 @@
+libitext-java (2.1.7-16) unstable; urgency=medium
+
+ * Team upload.
+ * Patch for infinite loop in PDF traversal (Closes: #1059318)
+ Addresses CVE-2021-37819
+
+ -- tony mancill <tmancill at debian.org> Fri, 22 Dec 2023 21:31:38 -0800
+
libitext-java (2.1.7-15) unstable; urgency=medium
* Team upload.
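Review bot: The entry `* Patch for infinite loop in PDF traversal (Closes: #1059318)` does not name the patch file being added or say where the fix came from. Mentioning debian/patches/07_CVE-2021-37819.patch and the pdftk-java merge request given in that patch's Origin header would let someone reading only the changelog trace the change.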
=====================================
debian/patches/07_CVE-2021-37819.patch
=====================================
@@ -0,0 +1,19 @@
+Description: CVE-2021-37819 infinite loop during PDF page traversal
+Origin: https://gitlab.com/pdftk-java/pdftk/-/merge_requests/21/commits
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059318
+
+--- a/core/com/lowagie/text/pdf/PdfReader.java
++++ b/core/com/lowagie/text/pdf/PdfReader.java
+@@ -3322,6 +3322,12 @@
+ kidsPR.remove(k);
+ break;
+ }
++ int rpageObjectNumber = rpage.getNumber();
++ PRIndirectReference kidObjIndirectRef = (PRIndirectReference)obj;
++ int kidObjectNumber = kidObjIndirectRef.getNumber();
++ if (rpageObjectNumber == kidObjectNumber) {
++ throw new InvalidPdfException("Invalid reference on Kids: " + kidObjectNumber);
++ }
+ iteratePages((PRIndirectReference)obj);
+ }
+ popPageAttributes();
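Review bot: The new check at `if (rpageObjectNumber == kidObjectNumber)` only rejects a kid that points back at the node currently being iterated, so as far as these lines show, a longer cycle (a kid referencing a grandparent or earlier ancestor) still reaches `iteratePages((PRIndirectReference)obj)` and keeps recursing. Consider tracking the object numbers on the current traversal path in a set and throwing `InvalidPdfException` when a kid's number is already in it. The cast is also performed twice; passing `kidObjIndirectRef` to `iteratePages` would reuse the local. In the DEP-3 header, Origin points at a merge request's commit list rather than a specific commit, and there are no Author or Last-Update fields.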
=====================================
debian/patches/series
=====================================
@@ -5,3 +5,4 @@
encoding.patch
05_primitive-wrappers.patch
06_bouncycastle_1.77.patch
+07_CVE-2021-37819.patch
View it on GitLab: https://salsa.debian.org/java-team/libitext-java/-/compare/e8344ee7d5d42cf1993085993c530103d19839ef...a522237cf31369edd478eeaa1809ed55ed57f063
More information about the pkg-java-commits mailing list