** Changed in: libgxps (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libgxps in Ubuntu.
https://bugs.launchpad.net/bugs/1797785

Title:
  heap buffer overflow in ft_font_face_hash of gxps-fonts.c
  CVE-2018-10733

Status in libgxps package in Ubuntu:
  Confirmed

Bug description:
  https://security-tracker.debian.org/tracker/CVE-2018-10733

  This issue is fixed in Ubuntu 18.10 and needs to be fixed in at least
  Ubuntu 18.04 LTS.

  https://launchpad.net/ubuntu/+source/libgxps/0.3.0-3

  https://salsa.debian.org/gnome-team/libgxps/commits/debian/master

  I believe you'll want these commits:

    * Cherry-pick gxps-archive-Ensure-gxps_archive_read_entry-fills-the-GEr.patch
      & gxps-archive-Handle-errors-returned-by-archive_read_data.patch:
      - Fix heap buffer overflow in ft_font_face_hash of gxps-fonts.c
        CVE-2018-10733 (Closes: #897954)
    * Cherry-pick gxps-images-fix-integer-overflow-in-png-decoder.patch:
      - Fix an integer overflow

  This is a bug fix that might not be needed for the security update.
    * Cherry-pick gxps-images-clear-the-error-before-trying-to-load-an-imag.patch:
      - clear an error so that fallback image loading works

  Note that there is another reported security issue that appears unfixed:
  https://security-tracker.debian.org/tracker/CVE-2018-10767

  It looks like the Debian and Ubuntu security teams have determined
  that these 2 CVEs are low priority.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libgxps/+bug/1797785/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp
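The two cherry-picked gxps-archive patches named in the bug are summarised only by their titles: make gxps_archive_read_entry fill its GError on every failure path, and treat an error return from archive_read_data as an error rather than as data. The following is an added illustration of that fix pattern, written for this page; it is not libgxps or libarchive code, and it does not claim to reproduce the exact control flow behind CVE-2018-10733. The archive entry, the read function (mock_read_data, standing in for archive_read_data), the ReadError type (standing in for GError) and the sample bytes are all constructed here. The caller mirrors the font loader's shape, reading an entry and hashing it, so the hash is never run over a buffer whose length does not match the bytes actually read:

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for one archive entry: the header-declared length
 * and the bytes actually present. A truncated container has fewer bytes
 * than it declares. Hypothetical type, not libgxps or libarchive code. */
typedef struct {
    const uint8_t *body;
    size_t body_len;
    size_t declared_len;
    size_t pos;
} MockEntry;

/* Stand-in for archive_read_data(): copies up to len bytes and returns the
 * count, 0 at end of entry, or a negative value on error. -30 is the value
 * libarchive uses for ARCHIVE_FATAL; the error condition simulated here is
 * running out of bytes before the declared length is reached. */
static long mock_read_data(MockEntry *e, uint8_t *buf, size_t len)
{
    if (e->pos >= e->body_len)
        return (e->body_len < e->declared_len) ? -30 : 0;
    size_t n = e->body_len - e->pos;
    if (n > len)
        n = len;
    memcpy(buf, e->body + e->pos, n);
    e->pos += n;
    return (long)n;
}

/* Minimal GError-like out-parameter: the caller passes its address and
 * must find it filled whenever the callee reports failure. */
typedef struct {
    int code;
    char message[96];
} ReadError;

/* Hardened read_entry, modelled on the two fixes named in the bug:
 *  1. every failure path fills *err, so a caller that tests the error
 *     instead of the return value cannot mistake failure for success;
 *  2. a negative return from the read call is handled as an error.
 * Returns 1 on success with *out/*out_len set, 0 on failure with *err set. */
static int read_entry(MockEntry *e, uint8_t **out, size_t *out_len, ReadError *err)
{
    uint8_t *buf = malloc(e->declared_len ? e->declared_len : 1);
    size_t total = 0;
    *out = NULL;
    *out_len = 0;
    if (!buf) {
        err->code = 1;
        snprintf(err->message, sizeof err->message, "out of memory");
        return 0;
    }
    while (total < e->declared_len) {
        long r = mock_read_data(e, buf + total, e->declared_len - total);
        if (r < 0) {                       /* error return handled, not added to total */
            free(buf);
            err->code = 2;
            snprintf(err->message, sizeof err->message,
                     "read failed after %zu of %zu bytes", total, e->declared_len);
            return 0;
        }
        if (r == 0)                        /* entry ended early: also a failure */
            break;
        total += (size_t)r;
    }
    if (total != e->declared_len) {
        free(buf);
        err->code = 3;
        snprintf(err->message, sizeof err->message,
                 "short entry: %zu of %zu bytes", total, e->declared_len);
        return 0;
    }
    *out = buf;
    *out_len = total;
    return 1;
}

/* FNV-1a over the blob: plays the role of a font-face hash that walks the
 * whole font data and trusts the length it is handed. */
static uint32_t blob_hash(const uint8_t *data, size_t len)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < len; i++) {
        h ^= data[i];
        h *= 16777619u;
    }
    return h;
}

/* Caller in the style of the font loader: read the entry, then hash it.
 * Returns 1 and stores the hash on success, 0 if the entry was rejected;
 * the hash only ever covers bytes that were actually read. */
static int load_and_hash(const uint8_t *body, size_t body_len, size_t declared_len,
                         uint32_t *hash_out, ReadError *err)
{
    MockEntry e = { body, body_len, declared_len, 0 };
    uint8_t *data;
    size_t len;
    memset(err, 0, sizeof *err);
    if (!read_entry(&e, &data, &len, err))
        return 0;
    *hash_out = blob_hash(data, len);
    free(data);
    return 1;
}

int main(void)
{
    /* Constructed entries: one complete, one truncated to 4 of 8 bytes. */
    const uint8_t font[8] = { 'O', 'T', 'T', 'O', 0, 1, 2, 3 };
    ReadError err;
    uint32_t h;

    if (load_and_hash(font, 8, 8, &h, &err))
        printf("complete entry: hash %08x\n", h);
    if (!load_and_hash(font, 4, 8, &h, &err))
        printf("truncated entry rejected: code %d, %s\n", err.code, err.message);
    return 0;
}
```

The point a backporter should check after applying the real patches is the same as the one this example encodes: every `return FALSE`-style path in gxps_archive_read_entry sets the GError, and the loop over archive_read_data never adds a negative result to a running byte count or hands a partially filled buffer to the font code.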