Your message dated Wed, 09 Mar 2022 21:04:25 +0000
with message-id <[email protected]>
and subject line Bug#1006760: fixed in r-cran-commonmark 1.8.0-1
has caused the Debian Bug report #1006760,
regarding r-cran-commonmark: CVE-2022-24724 - integer overflow prior to 0.29.0.gfm.3 and 0.28.3.gfm.21 (cmark extension)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1006760: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006760
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: r-cran-commonmark
Version: 1.7-2
Severity: important
Tags: security
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
The following vulnerability was published for r-cran-commonmark.
https://sources.debian.org/src/r-cran-commonmark/1.7-2/src/extensions/table.c/?hl=140#L140
CVE-2022-24724[0]:
| cmark-gfm is GitHub's extended version of the C reference
| implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and
| 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing
| `table.c:row_from_string` may lead to heap memory corruption when
| parsing tables whose marker rows contain more than UINT16_MAX columns.
| The impact of this heap corruption ranges from Information Leak to
| Arbitrary Code Execution depending on how and where `cmark-gfm` is
| used. If `cmark-gfm` is used for rendering remote user controlled
| markdown, this vulnerability may lead to Remote Code Execution (RCE)
| in applications employing affected versions of the `cmark-gfm`
| library. This vulnerability has been patched in the following cmark-gfm
| versions 0.29.0.gfm.3 and 0.28.3.gfm.21. A workaround is
| available. The vulnerability exists in the table markdown extensions
| of cmark-gfm. Disabling the table extension will prevent this
| vulnerability from being triggered.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-24724
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24724
Please adjust the affected versions in the BTS as needed.
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.16.0-1-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
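The narrowing the CVE text describes, as an added illustration that is not part of the bug report or of cmark-gfm's own code: a simplified, hypothetical marker-row counter keeps its column count in a 16-bit field, so a row with 65536 cells wraps to 0 and any buffer sized from that count is too small for the cells later written into it, while the checked variant rejects the row before narrowing.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>

/* Count the cells of a GFM table marker row such as "| --- | :-: |".
 * Hypothetical simplification: a cell is any '|'-delimited segment
 * containing at least one '-'. */
static size_t count_marker_cells(const char *row) {
    size_t cells = 0;
    int seen_dash = 0;
    for (const char *p = row; ; p++) {
        if (*p == '|' || *p == '\0') {
            if (seen_dash) cells++;
            seen_dash = 0;
            if (*p == '\0') break;
        } else if (*p == '-') {
            seen_dash = 1;
        }
    }
    return cells;
}

/* Vulnerable pattern: the count is stored in a uint16_t, so 65536 -> 0. */
static uint16_t narrow_unchecked(size_t cells) { return (uint16_t)cells; }

/* Hardened pattern: refuse a row whose count does not fit the field. */
static int narrow_checked(size_t cells, uint16_t *out) {
    if (cells == 0 || cells > UINT16_MAX) return 0;
    *out = (uint16_t)cells;
    return 1;
}

/* Constructed input: a marker row with n single-dash cells, "|-|-|...|". */
static char *make_marker_row(size_t n) {
    char *row = malloc(2 * n + 2);
    if (!row) return NULL;
    for (size_t i = 0; i < n; i++) { row[2 * i] = '|'; row[2 * i + 1] = '-'; }
    row[2 * n] = '|';
    row[2 * n + 1] = '\0';
    return row;
}

/* Cells the unchecked parser would allocate for an n-cell row (wraps). */
static size_t allocated_cells_unchecked(size_t n) {
    char *row = make_marker_row(n);
    size_t counted = count_marker_cells(row);
    free(row);
    return narrow_unchecked(counted);
}

/* Cells the checked parser accepts for an n-cell row, or -1 if rejected. */
static long accepted_cells_checked(size_t n) {
    char *row = make_marker_row(n);
    uint16_t cols;
    int ok = narrow_checked(count_marker_cells(row), &cols);
    free(row);
    return ok ? (long)cols : -1;
}

int main(void) {
    printf("65536 cells: unchecked allocates %zu, checked returns %ld\n",
           allocated_cells_unchecked(65536), accepted_cells_checked(65536));
    return 0;
}
```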
--- Begin Message ---
Source: r-cran-commonmark
Source-Version: 1.8.0-1
Done: Andreas Tille <[email protected]>
We believe that the bug you reported is fixed in the latest version of
r-cran-commonmark, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Tille <[email protected]> (supplier of updated r-cran-commonmark package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
Format: 1.8
Date: Wed, 09 Mar 2022 20:23:20 +0100
Source: r-cran-commonmark
Architecture: source
Version: 1.8.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian R Packages Maintainers <[email protected]>
Changed-By: Andreas Tille <[email protected]>
Closes: 965980 1006760
Changes:
r-cran-commonmark (1.8.0-1) unstable; urgency=medium
.
* New upstream version
Closes: #965980 (CVE-2020-5238)
Closes: #1006760 (CVE-2022-24724)
* Standards-Version: 4.6.0 (routine-update)
--- End Message ---