Mageia Bugzilla – Bug 12634
mupdf new buffer overflow security issue (CVE-2014-2013)
Last modified: 2014-02-18 16:38:39 CET
Fedora has issued an advisory on January 25:
Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron.
Note to QA: there is a reproducer linked in the Red Hat bug:
Updated mupdf packages fix security vulnerability:
A stack-based buffer overflow was found in mupdf's xps_parse_color() function.
An attacker could create a specially crafted XPS file that, when opened, could
cause mupdf or an application using mupdf to crash.
Updated packages in core/updates_testing:
Steps to Reproduce:
The reproducer listed in the Red Hat bug is for Windows (launches calc.exe).
Testing general use, starting with mga4-32.
Opens PDFs, 1 page per launch. Attempting to open the exploit shows a limit in colors, which is what the fix is supposed to do, according to the Fedora bug.
Tested mga4-64 as above, all OK.
mga3-64 tested, all OK.
mga3-32 tested. All OK.
Ready to validate when advisory is uploaded to svn.
Thanks Bill :) Advisory uploaded.
Could sysadmin please push from 3&4 core/updates_testing to updates?
This has been assigned CVE-2014-2013: