Attachment #254915 for bug #282523




PORTNAME=	libgsf
DISTVERSION=	1.14.53
CATEGORIES=	devel
MASTER_SITES=	GNOME
DIST_SUBDIR=	gnome2

MAINTAINER=	desktop@FreeBSD.org
COMMENT=	Extensible I/O abstraction for dealing with structured file formats
WWW=		http://www.gnumeric.org/

LICENSE=	LGPL21
LICENSE_FILE=	${WRKSRC}/COPYING

Lines 1-3 Link Here

(-)b/devel/libgsf/distinfo (-3 / +3 lines)
1	TIMESTAMP = 1725101803	1	TIMESTAMP = 1730653091
2	SHA256 (gnome2/libgsf-1.14.52.tar.xz) = 9181c914b9fac0e05d6bcaa34c7b552fe5fc0961d3c9f8c01ccc381fb084bcf0	2	SHA256 (gnome2/libgsf-1.14.53.tar.xz) = 0eb59a86e0c50f97ac9cfe4d8cc1969f623f2ae8c5296f2414571ff0a9e8bcba
3	SIZE (gnome2/libgsf-1.14.52.tar.xz) = 707580	3	SIZE (gnome2/libgsf-1.14.53.tar.xz) = 714840

Lines 1-2 Link Here

(-)b/devel/libgsf/pkg-descr (-1 / +1 lines)
1	The library aims to provide an efficient extensible i/o abstraction for	1	The library aims to provide an efficient extensible I/O abstraction for
2	dealing with different structured file formats.	2	dealing with different structured file formats.

Lines 115-120 share/gtk-doc/html/gsf/up.png Link Here

(-)b/devel/libgsf/pkg-plist (+1 lines)
115	%%NLS%%share/locale/fr/LC_MESSAGES/libgsf.mo	115	%%NLS%%share/locale/fr/LC_MESSAGES/libgsf.mo
116	%%NLS%%share/locale/gl/LC_MESSAGES/libgsf.mo	116	%%NLS%%share/locale/gl/LC_MESSAGES/libgsf.mo
117	%%NLS%%share/locale/he/LC_MESSAGES/libgsf.mo	117	%%NLS%%share/locale/he/LC_MESSAGES/libgsf.mo
		118	%%NLS%%share/locale/hi/LC_MESSAGES/libgsf.mo
118	%%NLS%%share/locale/hr/LC_MESSAGES/libgsf.mo	119	%%NLS%%share/locale/hr/LC_MESSAGES/libgsf.mo
119	%%NLS%%share/locale/hu/LC_MESSAGES/libgsf.mo	120	%%NLS%%share/locale/hu/LC_MESSAGES/libgsf.mo
120	%%NLS%%share/locale/id/LC_MESSAGES/libgsf.mo	121	%%NLS%%share/locale/id/LC_MESSAGES/libgsf.mo




  <vuln vid="5abf3da7-9a0d-11ef-a8f0-a8a15998b5cb">
    <topic>libgsf -- Arbitrary code execution</topic>
    <affects>
      <package>
	<name>libgsf</name>
	<range><eq>1.14.52</eq></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>talos-cna@cisco.com reports:</p>
	<blockquote cite="https://gitlab.gnome.org/GNOME/libgsf/-/issues/34">
	  <p>An integer overflow vulnerability exists in the Compound Document
	Binary File format parser of v1.14.52 of the GNOME Project G
	Structured File Library (libgsf).  A specially crafted file can
	result in an integer overflow that allows for a heap-based buffer
	overflow when processing the sector allocation table.  This can
	lead to arbitrary code execution.  An attacker can provide a malicious
	file to trigger this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-42415</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2024-42415</url>
    </references>
    <dates>
      <discovery>2024-10-03</discovery>
      <entry>2024-11-03</entry>
    </dates>
  </vuln>

  <vuln vid="0fe764aa-9a0d-11ef-a8f0-a8a15998b5cb">
    <topic>libgsf -- Arbitrary code execution</topic>
    <affects>
      <package>
	<name>libgsf</name>
	<range><eq>1.14.52</eq></range>
      </package>
    </affects>
    <description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>talos-cna@cisco.com reports:</p>
	<blockquote cite="https://gitlab.gnome.org/GNOME/libgsf/-/issues/34">
	  <p>An integer overflow vulnerability exists in the Compound Document
	Binary File format parser of the GNOME Project G Structured File
	Library (libgsf) version v1.14.52.  A specially crafted file can
	result in an integer overflow when processing the directory from
	the file that allows for an out-of-bounds index to be used when
	reading and writing to an array.  This can lead to arbitrary code
	execution.  An attacker can provide a malicious file to trigger
	this vulnerability.</p>
	</blockquote>
	</body>
    </description>
    <references>
      <cvename>CVE-2024-36474</cvename>
      <url>https://nvd.nist.gov/vuln/detail/CVE-2024-36474</url>
    </references>
    <dates>
      <discovery>2024-10-03</discovery>
      <entry>2024-11-03</entry>
    </dates>
  </vuln>

  <vuln vid="e17384ef-c5e8-4b5d-bb62-c13405e7f1f7">
    <topic>chromium -- multiple security fixes</topic>
    <affects>
- 

Return to bug 282523

Lines 1-12 Link Here

(-)b/devel/libgsf/Makefile (-2 / +2 lines)
1	PORTNAME= libgsf	1	PORTNAME= libgsf
2	DISTVERSION= 1.14.52	2	DISTVERSION= 1.14.53
3	CATEGORIES= devel	3	CATEGORIES= devel
4	MASTER_SITES= GNOME	4	MASTER_SITES= GNOME
5	DIST_SUBDIR= gnome2	5	DIST_SUBDIR= gnome2
6		6
7	MAINTAINER= desktop@FreeBSD.org	7	MAINTAINER= desktop@FreeBSD.org
8	COMMENT= Extensible I/O abstraction for dealing with structured file formats	8	COMMENT= Extensible I/O abstraction for dealing with structured file formats
9	WWW= http://www.gnumeric.org	9	WWW= http://www.gnumeric.org/
10		10
11	LICENSE= LGPL21	11	LICENSE= LGPL21
12	LICENSE_FILE= ${WRKSRC}/COPYING	12	LICENSE_FILE= ${WRKSRC}/COPYING

Lines 1-3 Link Here

(-)b/security/vuxml/vuln/2024.xml (-1 / +65 lines)
		1	<vuln vid="5abf3da7-9a0d-11ef-a8f0-a8a15998b5cb">
		2	<topic>libgsf -- Arbitrary code execution</topic>
		3	<affects>
		4	<package>
		5	<name>libgsf</name>
		6	<range><eq>1.14.52</eq></range>
		7	</package>
		8	</affects>
		9	<description>
		10	<body xmlns="http://www.w3.org/1999/xhtml">
		11	<p>talos-cna@cisco.com reports:</p>
		12	<blockquote cite="https://gitlab.gnome.org/GNOME/libgsf/-/issues/34">
		13	<p>An integer overflow vulnerability exists in the Compound Document
		14	Binary File format parser of v1.14.52 of the GNOME Project G
		15	Structured File Library (libgsf). A specially crafted file can
		16	result in an integer overflow that allows for a heap-based buffer
		17	overflow when processing the sector allocation table. This can
		18	lead to arbitrary code execution. An attacker can provide a malicious
		19	file to trigger this vulnerability.</p>
		20	</blockquote>
		21	</body>
		22	</description>
		23	<references>
		24	<cvename>CVE-2024-42415</cvename>
		25	<url>https://nvd.nist.gov/vuln/detail/CVE-2024-42415</url>
		26	</references>
		27	<dates>
		28	<discovery>2024-10-03</discovery>
		29	<entry>2024-11-03</entry>
		30	</dates>
		31	</vuln>
		32
		33	<vuln vid="0fe764aa-9a0d-11ef-a8f0-a8a15998b5cb">
		34	<topic>libgsf -- Arbitrary code execution</topic>
		35	<affects>
		36	<package>
		37	<name>libgsf</name>
		38	<range><eq>1.14.52</eq></range>
		39	</package>
		40	</affects>
		41	<description>
		42	<body xmlns="http://www.w3.org/1999/xhtml">
		43	<p>talos-cna@cisco.com reports:</p>
		44	<blockquote cite="https://gitlab.gnome.org/GNOME/libgsf/-/issues/34">
		45	<p>An integer overflow vulnerability exists in the Compound Document
		46	Binary File format parser of the GNOME Project G Structured File
		47	Library (libgsf) version v1.14.52. A specially crafted file can
		48	result in an integer overflow when processing the directory from
		49	the file that allows for an out-of-bounds index to be used when
		50	reading and writing to an array. This can lead to arbitrary code
		51	execution. An attacker can provide a malicious file to trigger
		52	this vulnerability.</p>
		53	</blockquote>
		54	</body>
		55	</description>
		56	<references>
		57	<cvename>CVE-2024-36474</cvename>
		58	<url>https://nvd.nist.gov/vuln/detail/CVE-2024-36474</url>
		59	</references>
		60	<dates>
		61	<discovery>2024-10-03</discovery>
		62	<entry>2024-11-03</entry>
		63	</dates>
		64	</vuln>
65
1	<vuln vid="e17384ef-c5e8-4b5d-bb62-c13405e7f1f7">	66	<vuln vid="e17384ef-c5e8-4b5d-bb62-c13405e7f1f7">
2	<topic>chromium -- multiple security fixes</topic>	67	<topic>chromium -- multiple security fixes</topic>
3	<affects>	68	<affects>
4	-