Control: reassign -1 bzip3 Control: retitle -1 bipz3 CVE-2023-29415 CVE-2023-29416 CVE-2023-29418 CVE-2023-29419 CVE-2023-29420 CVE-2023-29421
Dear Moritz and Sec Team, Please, correct me if I am wrong, but it seems a bzip3 bug, instead of a bzip2's. El 10/04/23 a las 19:33, Moritz Mühlenhoff escribió: > Source: bzip2 > X-Debbugs-CC: t...@security.debian.org > Severity: grave > Tags: security > > Hi, > > The following vulnerabilities were published for bzip2. > > CVE-2023-29415[0]: > | An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial > | of service (process hang) can occur with a crafted archive because > | bzip3 does not follow the required procedure for interacting with > | libsais. > > https://github.com/kspalaiologos/bzip3/issues/95 > https://github.com/kspalaiologos/bzip3/commit/56c24ca1f8f25e648d42154369b6962600f76465 bzip2 -t 4.crashes.bz3 bzip2: 4.crashes.bz3: bad magic number (file not created by bzip2) You can use the `bzip2recover' program to attempt to recover data from undamaged sections of corrupted files. > > CVE-2023-29416[1]: > | An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A > | bz3_decode_block out-of-bounds write can occur with a crafted archive > | because bzip3 does not follow the required procedure for interacting > | with libsais. > > https://github.com/kspalaiologos/bzip3/commit/bfa5bf82b53715dfedf048e5859a46cf248668ff > (1.3.0) > https://github.com/kspalaiologos/bzip3/issues/92 > I got similar errors. > CVE-2023-29418[2]: > | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is > | an xwrite out-of-bounds read. > > https://github.com/kspalaiologos/bzip3/commit/aae16d107f804f69000c09cd92027a140968cc9d > (1.2.3) > https://github.com/kspalaiologos/bzip3/issues/92 > > CVE-2023-29419[3]: > | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is > | a bz3_decode_block out-of-bounds read. > > https://github.com/kspalaiologos/bzip3/commit/8ec8ce7d3d58bf42dabc47e4cc53aa27051bd602 > (1.2.3) > https://github.com/kspalaiologos/bzip3/issues/92 > > CVE-2023-29420[4]: > | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is > | a crash caused by an invalid memmove in bz3_decode_block. > > https://github.com/kspalaiologos/bzip3/commit/bb06deb85f1c249838eb938e0dab271d4194f8fa > (1.2.3) > https://github.com/kspalaiologos/bzip3/issues/92 > > CVE-2023-29421[5]: > | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is > | an out-of-bounds write in bz3_decode_block. > > https://github.com/kspalaiologos/bzip3/issues/94 > https://github.com/kspalaiologos/bzip3/commit/33b1951f153c3c5dc8ed736b9110437e1a619b7d > (1.2.3) I am unable to find a similar code in my local bzip2 copy. > > If you fix the vulnerabilities please also make sure to include the > CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2023-29415 > https://www.cve.org/CVERecord?id=CVE-2023-29415 > [1] https://security-tracker.debian.org/tracker/CVE-2023-29416 > https://www.cve.org/CVERecord?id=CVE-2023-29416 > [2] https://security-tracker.debian.org/tracker/CVE-2023-29418 > https://www.cve.org/CVERecord?id=CVE-2023-29418 > [3] https://security-tracker.debian.org/tracker/CVE-2023-29419 > https://www.cve.org/CVERecord?id=CVE-2023-29419 > [4] https://security-tracker.debian.org/tracker/CVE-2023-29420 > https://www.cve.org/CVERecord?id=CVE-2023-29420 > [5] https://security-tracker.debian.org/tracker/CVE-2023-29421 > https://www.cve.org/CVERecord?id=CVE-2023-29421 > > Please adjust the affected versions in the BTS as needed. > Cheers, -- Santiago
signature.asc
Description: PGP signature