Hi all, Kevin Backhouse of the [GitHub Security Lab team][1] has discovered several issues in the epson2, epsonds and magicolor backends that could be exploited by a malicious network device. All three backends are enabled by default. Moreover, all enable automatic discovery of network devices. The issues can be used to crash SANE frontends at start up or when starting a scan as well as corrupt memory leading to a possibility of remote code execution.
[1]: https://securitylab.github.com This release fixes the issues for the epson2 and magicolor backends and mitigates them for the epsonds backend. We recommend that you upgrade to this release. The source tarball and checksums can be found on the [releases page][2]. [2]: https://gitlab.com/sane-project/backends/-/releases Please note that this page also mentions a "Source code" pull down menu from which you can download the corresponding git repository. These archives do *not* include generated files such as the configure script, Makefile.in files and more. A nicely formatted version of the release notes can be found at the [releases page][2] as well. For your convenience, the "raw" Markdown is included below. ### Backends - `epson2`: fixes CVE-2020-12867 (GHSL-2020-075) and several memory management issues found while addressing that CVE - `epsonds`: addresses out-of-bound memory access issues to fix CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083), addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084) and disables network autodiscovery to mitigate CVE-2020-12866 (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864 (GHSL-2020-081). Note that this backend does not support network scanners to begin with. - `magicolor`: fixes a floating point exception and uninitialized data read - fixes an overflow in `sanei_tcp_read()` ### Build - fixes a build issue where linker flags would become link time dependencies (#239) In case you encounter any issues with this release, please contact the [sane-devel mailing list][3] or [submit an issue][4]. [3]: mailto:[email protected] [4]: https://gitlab.com/sane-project/backends/-/issues Hope this helps, -- Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9 Support Free Software https://my.fsf.org/donate Join the Free Software Foundation https://my.fsf.org/join
