Bug 21634 - fontforge new security issues CVE-2017-1156[89], CVE-2017-1157[124567]
Summary: fontforge new security issues CVE-2017-1156[89], CVE-2017-1157[124567]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA5TOO MGA5-32-OK MGA6-64-OK MGA5-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2017-08-29 22:22 CEST by David Walser
Modified: 2018-01-03 15:23 CET (History)
5 users (show)

See Also:
Source RPM: fontforge-20170731-5.mga7.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2017-08-29 22:22:16 CEST
Debian has issued an advisory today (August 29):
https://www.debian.org/security/2017/dsa-3958

The fixes may have been included in the version in Cauldron (we'll have to check), but at least Mageia 5 and Mageia 6 are affected.
David Walser 2017-08-29 22:23:05 CEST

Assignee: bugsquad => rverschelde
Whiteboard: (none) => MGA6TOO, MGA5TOO

Comment 1 Nicolas Lécureuil 2017-08-30 18:20:39 CEST
cauldron is not affected

Whiteboard: MGA6TOO, MGA5TOO => MGA5TOO
Version: Cauldron => 6
CC: (none) => mageia

Comment 2 David Walser 2017-12-29 02:20:36 CET
Advisory:
========================

Updated fontforge packages fix security vulnerabilities:

It was discovered that FontForge, a font editor, did not correctly validate its
input. An attacker could use this flaw by tricking a user into opening a
maliciously crafted OpenType font file, thus causing a denial-of-service via
application crash, or execution of arbitrary code (CVE-2017-11568,
CVE-2017-11569, CVE-2017-11571, CVE-2017-11572, CVE-2017-11574, CVE-2017-11575,
CVE-2017-11576, CVE-2017-11577).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11577
https://www.debian.org/security/2017/dsa-3958
========================

Updated packages in core/updates_testing:
========================
fontforge-1.0-1.20120731.10.mga5
fontforge-20161012-4.1.mga6
libfontforge-devel-20161012-4.1.mga6

from SRPMS:
fontforge-1.0-1.20120731.10.mga5.src.rpm
fontforge-20161012-4.1.mga6.src.rpm

CC: (none) => rverschelde
Assignee: rverschelde => qa-bugs

Dave Hodgins 2018-01-01 07:22:24 CET

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 3 Herman Viaene 2018-01-01 14:30:18 CET
MGA5-32 on Dell Latitude D600 Xfce
No installation issues
Ref to bug 3161 Comment 9:
Copied LiberationSans_Regular to my home.
$ fontforge LiberationSans-Regular.ttf 
Copyright (c) 2000-2012 by George Williams.
 Executable based on sources from 14:57 GMT 31-Jul-2012-NoPython.
 Library based on sources from 14:57 GMT 31-Jul-2012.
Rotated uppercase "Gamma" character 90 degrees and followed prompts of editor to save the ttf file.
$ fontimage -o fonts.png LiberationSans-Regular.ttf 
Copyright (c) 2000-2012 by George Williams.
 Executable based on sources from 14:57 GMT 31-Jul-2012-NoPython.
 Library based on sources from 14:57 GMT 31-Jul-2012.
Checked resulting png file and see rotated character.
OK for me.

CC: (none) => herman.viaene
Whiteboard: MGA5TOO => MGA5TOO MGA5-32-OK

Comment 4 Dave Hodgins 2018-01-03 14:11:09 CET
Validating baesd on
fontforge /usr/share/fonts/TTF/liberation/LiberationSans-BoldItalic.ttf
working ok.

Whiteboard: MGA5TOO MGA5-32-OK => MGA5TOO MGA5-32-OK MGA6-64-OK MGA5-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 5 Mageia Robot 2018-01-03 15:23:29 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0037.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.