Bug 30429

Summary: htmldoc new security issue CVE-2022-27114
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, davidwhodgins, nicolas.salguero, sysadmin-bugs
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: htmldoc-1.9.15-1.mga8.src.rpm CVE: CVE-2022-27114
Status comment:

Description David Walser 2022-05-14 18:18:13 CEST 
Debian-LTS has issued an advisory on May 13:
https://www.debian.org/lts/security/2022/dla-3004

The issue is fixed upstream in 1.9.16.

Mageia 8 is also affected.
David Walser 2022-05-14 18:18:29 CEST

Whiteboard: (none) => MGA8TOO
Status comment: (none) => Fixed upstream in 1.9.16
CC: (none) => nicolas.salguero

Comment 1 Nicolas Salguero 2022-05-16 10:15:32 CEST 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function. (CVE-2022-27114)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27114
https://www.debian.org/lts/security/2022/dla-3004
========================

Updated packages in core/updates_testing:
========================
htmldoc-1.9.15-1.1.mga8
htmldoc-nogui-1.9.15-1.1.mga8

from SRPM:
htmldoc-1.9.15-1.1.mga8.src.rpm

Status comment: Fixed upstream in 1.9.16 => (none)
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)
Assignee: bugsquad => qa-bugs
CVE: (none) => CVE-2022-27114
Status: NEW => ASSIGNED

Comment 2 Thomas Andrews 2022-05-18 02:25:35 CEST 
mga8-64 Plasma. No installation issues. 

Tested as in https://bugs.mageia.org/show_bug.cgi?id=29914#c3 and both gui and nogui versions produced a pdf file that was readable in Okular. The pdf did not look exactly as the html files looked in Firefox, but that was a feature. They were reformatted for a standard sheet of paper, rather than for a 24-inch monitor screen.

Looks OK here. Validating. Advisory in Comment 1.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Whiteboard: (none) => MGA8-64-OK

Dave Hodgins 2022-05-19 00:20:31 CEST

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 3 Mageia Robot 2022-05-19 09:57:03 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0191.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED