Bug 239563 - x11-toolkits/pango vulnerable
Summary: x11-toolkits/pango vulnerable
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Jochen Neumeister
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-07-31 18:18 UTC by Miyashita Touka
Modified: 2020-07-23 18:37 UTC (History)
3 users (show)

See Also:
bugzilla: maintainer-feedback? (gnome)


Attachments
CVE-2019-1010238 (791 bytes, patch)
2019-08-01 16:05 UTC, Miyashita Touka
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Miyashita Touka 2019-07-31 18:18:54 UTC
The pango port needs a security update.

See:

https://ftp.gnome.org/pub/GNOME/sources/pango/1.44/
and
https://launchpad.net/ubuntu/+source/pango1.0/1.42.4-6ubuntu0.1
Comment 1 Miyashita Touka 2019-08-01 16:05:07 UTC
Created attachment 206202 [details]
CVE-2019-1010238
Comment 2 Miyashita Touka 2019-08-04 17:11:49 UTC
Anyone able to commit this security fix with a revision bump?
Comment 3 Miyashita Touka 2019-09-28 14:00:55 UTC
Still vulnerable, months after submission.
Comment 4 Jochen Neumeister freebsd_committer 2020-05-23 12:56:15 UTC
i add myself as a ports-secteam member so that i can investigate this PR later :-)
Comment 5 commit-hook freebsd_committer 2020-07-23 18:35:11 UTC
A commit references this bug:

Author: joneum
Date: Thu Jul 23 18:34:50 UTC 2020
New revision: 542951
URL: https://svnweb.freebsd.org/changeset/ports/542951

Log:
  SECURITY UPDATE: Buffer overflow

  Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

  PR:		239563
  Reported by:	Miyashita Touka <imagin8r@protonmail.com>
  Approved by:	gnome (maintainer timeout)
  MFH:		2020Q3
  Security:	456375e1-cd09-11ea-9172-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

Changes:
  head/x11-toolkits/pango/Makefile
  head/x11-toolkits/pango/files/CVE-20191010238
Comment 6 commit-hook freebsd_committer 2020-07-23 18:36:13 UTC
A commit references this bug:

Author: joneum
Date: Thu Jul 23 18:36:07 UTC 2020
New revision: 542952
URL: https://svnweb.freebsd.org/changeset/ports/542952

Log:
  MFH: r542951

  SECURITY UPDATE: Buffer overflow

  Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

  PR:		239563
  Reported by:	Miyashita Touka <imagin8r@protonmail.com>
  Approved by:	gnome (maintainer timeout)
  Security:	456375e1-cd09-11ea-9172-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2020Q3/
  branches/2020Q3/x11-toolkits/pango/Makefile
  branches/2020Q3/x11-toolkits/pango/files/CVE-20191010238