Created attachment 174138 [details] mupdf.diff Seen on the OpenBSD Ports mailing list. These should affect the version in the FreeBSD ports tree too. This also affects graphics/llpp and graphics/zathura-pdf-mupdf since both statically link with mupdf. I'm attaching a patch that bumps portrevisions of all 3 ports and includes patches that are supposed to fix these issues. OpenBSD commit message: ------------------------- revision 1.65 date: 2016/08/27 20:58:48; author: jca; state: Exp; lines: +2 -2; commitid: 7TTHy8bFvHVkME08; SECURITY fixes for CVE-2016-6525 & CVE-2016-6265 CVE-2016-6525 heap overflow in pdf_load_mesh_params() CVE-2016-6265 use-after-free Reported by & looks good to stsp@, ok sthen@ (maintainer) ------------------------ More info: - https://marc.info/?l=oss-security&m=147022667716011&w=2 - https://marc.info/?l=oss-security&m=146911020216511&w=2 I haven't done any test builds in Poudriere yet. Mupdf still builds fine outside of it however. Doing poudriere builds will take a while.
Build fine with poudriere. Accept.
@Zsolt please approve patches by setting maintainer-approval to + on attachments for ports you are maintainer of. Attachment -> Details -> maintainer-approval [+] Maintainer is not committer, assign to ports-secteam accordingly Thank you for the report and patch Tobias
A commit references this bug: Author: feld Date: Wed Oct 12 00:11:08 UTC 2016 New revision: 423807 URL: https://svnweb.freebsd.org/changeset/ports/423807 Log: graphics/mupdf: Patch to resolve CVEs PR: 212207 MFH: 2016Q4 Security: CVE-2016-6525 Security: CVE-2016-6265 Changes: head/graphics/llpp/Makefile head/graphics/mupdf/Makefile head/graphics/mupdf/files/patch-scripts_fontdump.c head/graphics/mupdf/files/patch-source__fitz__load-jpx.c head/graphics/mupdf/files/patch-source_pdf_pdf-shade.c head/graphics/mupdf/files/patch-source_pdf_pdf-xref.c head/graphics/zathura-pdf-mupdf/Makefile
A commit references this bug: Author: feld Date: Wed Oct 12 00:12:14 UTC 2016 New revision: 423808 URL: https://svnweb.freebsd.org/changeset/ports/423808 Log: MFH: r423807 graphics/mupdf: Patch to resolve CVEs PR: 212207 Security: CVE-2016-6525 Security: CVE-2016-6265 Approved by: ports-secteam (with hat) Changes: _U branches/2016Q4/ branches/2016Q4/graphics/llpp/Makefile branches/2016Q4/graphics/mupdf/Makefile branches/2016Q4/graphics/mupdf/files/patch-scripts_fontdump.c branches/2016Q4/graphics/mupdf/files/patch-source__fitz__load-jpx.c branches/2016Q4/graphics/mupdf/files/patch-source_pdf_pdf-shade.c branches/2016Q4/graphics/mupdf/files/patch-source_pdf_pdf-xref.c branches/2016Q4/graphics/zathura-pdf-mupdf/Makefile
A commit references this bug: Author: feld Date: Wed Oct 12 00:49:01 UTC 2016 New revision: 423813 URL: https://svnweb.freebsd.org/changeset/ports/423813 Log: Document mupdf vulnerabilites PR: 212207 Security: CVE-2016-6525 Security: CVE-2016-6265 Changes: head/security/vuxml/vuln.xml
Committed, thanks for your submission!