Bug 239563 - x11-toolkits/pango vulnerable
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Many People
Assignee: Jochen Neumeister
Reported: 2019-07-31 18:18 UTC by Miyashita Touka
Modified: 2020-07-23 18:37 UTC
Flags: bugzilla: maintainer-feedback? (gnome)

Attachments
CVE-2019-1010238 (791 bytes, patch)
2019-08-01 16:05 UTC, Miyashita Touka
Description Miyashita Touka 2019-07-31 18:18:54 UTC
The pango port needs a security update.

See:

https://ftp.gnome.org/pub/GNOME/sources/pango/1.44/
and
https://launchpad.net/ubuntu/+source/pango1.0/1.42.4-6ubuntu0.1
Comment 1 Miyashita Touka 2019-08-01 16:05:07 UTC
Created attachment 206202
CVE-2019-1010238
Comment 2 Miyashita Touka 2019-08-04 17:11:49 UTC
Anyone able to commit this security fix with a revision bump?
Comment 3 Miyashita Touka 2019-09-28 14:00:55 UTC
Still vulnerable, months after submission.
Comment 4 Jochen Neumeister freebsd_committer freebsd_triage 2020-05-23 12:56:15 UTC
I add myself as a ports-secteam member so that I can investigate this PR later :-)
Comment 5 commit-hook freebsd_committer freebsd_triage 2020-07-23 18:35:11 UTC
A commit references this bug:

Author: joneum
Date: Thu Jul 23 18:34:50 UTC 2020
New revision: 542951
URL: https://svnweb.freebsd.org/changeset/ports/542951

Log:
  SECURITY UPDATE: Buffer overflow

  Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

  PR:		239563
  Reported by:	Miyashita Touka <imagin8r@protonmail.com>
  Approved by:	gnome (maintainer timeout)
  MFH:		2020Q3
  Security:	456375e1-cd09-11ea-9172-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

Changes:
  head/x11-toolkits/pango/Makefile
  head/x11-toolkits/pango/files/CVE-20191010238
Comment 6 commit-hook freebsd_committer freebsd_triage 2020-07-23 18:36:13 UTC
A commit references this bug:

Author: joneum
Date: Thu Jul 23 18:36:07 UTC 2020
New revision: 542952
URL: https://svnweb.freebsd.org/changeset/ports/542952

Log:
  MFH: r542951

  SECURITY UPDATE: Buffer overflow

  Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

  PR:		239563
  Reported by:	Miyashita Touka <imagin8r@protonmail.com>
  Approved by:	gnome (maintainer timeout)
  Security:	456375e1-cd09-11ea-9172-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2020Q3/
  branches/2020Q3/x11-toolkits/pango/Makefile
  branches/2020Q3/x11-toolkits/pango/files/CVE-20191010238