Bug 27704 - pdfresurrect new security issue CVE-2020-20740
Summary: pdfresurrect new security issue CVE-2020-20740
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2020-12-02 15:53 CET by David Walser
Modified: 2020-12-05 20:48 CET (History)
4 users

See Also:
Source RPM: pdfresurrect-0.18-1.1.mga7.src.rpm
CVE:
Status comment:



Description David Walser 2020-12-02 15:53:42 CET
Debian-LTS has issued an advisory on December 1:
https://www.debian.org/lts/security/2020/dla-2475

The issue is fixed upstream in 0.21.
David Walser 2020-12-02 15:54:02 CET

Assignee: bugsquad => geiger.david68210

Comment 1 David GEIGER 2020-12-04 11:40:26 CET
Done for mga7!
Comment 2 David Walser 2020-12-04 13:09:10 CET
Advisory:
========================

Updated pdfresurrect package fixes security vulnerability:

In PDFResurrect before 0.20, lack of header validation checks causes a
heap-buffer-overflow in pdf_get_version() (CVE-2020-20740).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20740
https://www.debian.org/lts/security/2020/dla-2475
========================

Updated packages in core/updates_testing:
========================
pdfresurrect-0.21-1.mga7

from pdfresurrect-0.21-1.mga7.src.rpm

CC: (none) => geiger.david68210
Assignee: geiger.david68210 => qa-bugs
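
The advisory above names the bug class (a version-header parse that trusts the buffer to be long enough) without showing what that looks like in code. The following is an added illustration written for this page, not pdfresurrect's own source: the function names, the HEADER_MAX window and the sample inputs are assumptions. It places the unchecked pattern beside a length-aware parser that rejects a file truncated right after "%PDF-" instead of reading past the end of the heap allocation.

```c
/*
 * Constructed illustration of the CVE-2020-20740 bug class: pulling the
 * "%PDF-M.m" version out of a heap buffer without checking that the whole
 * token lies inside it. Not pdfresurrect's code; names and HEADER_MAX are
 * assumptions made for this example.
 */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HEADER_MAX 1024   /* assumed: bytes of the file searched for the header */

/* Vulnerable pattern: treat the header as a NUL-terminated string and index
 * past the "%PDF-" magic without asking how many bytes follow it. If the file
 * is truncated right after "%PDF-" (a five-byte heap buffer, no terminator),
 * strstr() and the digit reads run off the end of the allocation: a
 * heap-buffer-overflow read. Only ever call this with well-formed input. */
int version_code_unchecked(const char *header)
{
    const char *c = strstr(header, "%PDF-");
    if (c == NULL)
        return -1;
    return atoi(c + 5) * 10 + atoi(c + 7);   /* assumes "M.m" is really there */
}

/* Hardened parser: works on (pointer, length), never assumes a terminator,
 * and requires the full "%PDF-M.m" token to fit before touching any byte.
 * Returns 0 and sets *major/*minor on success, -1 on rejection. */
int pdf_parse_version(const unsigned char *buf, size_t len, int *major, int *minor)
{
    static const char magic[] = "%PDF-";
    const size_t mlen = sizeof magic - 1;        /* 5 */
    const size_t need = mlen + 3;                /* "%PDF-" plus "M.m" */
    size_t limit = len < HEADER_MAX ? len : HEADER_MAX;
    size_t i;

    if (buf == NULL || limit < need)
        return -1;                               /* cannot hold a version */

    for (i = 0; i + need <= limit; i++) {
        const unsigned char *v;
        if (memcmp(buf + i, magic, mlen) != 0)
            continue;
        v = buf + i + mlen;                      /* v[0..2] are in bounds */
        if (!isdigit(v[0]) || v[1] != '.' || !isdigit(v[2]))
            return -1;                           /* magic without "M.m" */
        *major = v[0] - '0';
        *minor = v[2] - '0';
        return 0;
    }
    return -1;                                   /* no magic in the window */
}

/* Convenience wrapper: major*10+minor, or -1 if the header is rejected. */
int version_code_checked(const unsigned char *buf, size_t len)
{
    int major, minor;
    if (pdf_parse_version(buf, len, &major, &minor) != 0)
        return -1;
    return major * 10 + minor;
}

/* Read the first HEADER_MAX bytes of a file into an exactly sized heap buffer
 * (no room for a terminator, as a truncated file would give a real tool) and
 * parse it with the bounds-checked parser. */
int version_code_from_file(FILE *fp)
{
    unsigned char tmp[HEADER_MAX];
    unsigned char *header;
    size_t n;
    int code;

    rewind(fp);
    n = fread(tmp, 1, sizeof tmp, fp);
    header = malloc(n ? n : 1);
    if (header == NULL)
        return -1;
    memcpy(header, tmp, n);
    code = version_code_checked(header, n);
    free(header);
    return code;
}

int main(void)
{
    /* Constructed inputs: a normal header and one cut off after "%PDF-". */
    static const unsigned char good[] = "%PDF-1.5\n%\xe2\xe3\xcf\xd3\n";
    static const unsigned char cut[]  = "%PDF-";
    FILE *fp = tmpfile();

    printf("good: %d\n", version_code_checked(good, sizeof good - 1));  /* 15 */
    printf("cut:  %d\n", version_code_checked(cut, sizeof cut - 1));    /* -1 */
    if (fp != NULL) {
        fwrite(cut, 1, sizeof cut - 1, fp);
        printf("file: %d\n", version_code_from_file(fp));               /* -1 */
        fclose(fp);
    }
    return 0;
}
```

The practical check for a package like this is the same one the parser makes: every read after a `strstr`/`memcmp` match on the magic must be preceded by a length test on the remaining bytes, and the header buffer should be handled as (pointer, length) rather than as a C string, since a file can end anywhere.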

Comment 3 David Walser 2020-12-04 22:27:47 CET
Fedora has issued an advisory for this today (December 4):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JMEEEPBBGER5LPABBRVZLMCC6Z24RBXW/
Comment 4 Herman Viaene 2020-12-05 15:08:00 CET
MGA7-64 MATE on Peaq C1011
No installation issues.
Ref bug 26304 for test, I will upload the referred pdf for future reference.
$ pdfresurrect Remoteattacksurfaces.pdf -i
Gives loads of
Remoteattacksurfaces.pdf: --A-- Version 1 -- Object 5830 (Unknown)
Remoteattacksurfaces.pdf: --A-- Version 1 -- Object 5831 (Stream)
and at the end
---------- Remoteattacksurfaces.pdf ----------
Versions: 2
Version 1 -- 5832 objects
PDF Version: 1.5
Title: 
Author: (chris)
Subject: 
Keywords: 
Creator: (��
Producer: 
CreationDate: 
ModDate: 
Trapped: 
which is similar to the previous bug report
$ pdfresurrect Remoteattacksurfaces.pdf -q
Remoteattacksurfaces.pdf: 2
no feedback at all
But 2 versions of the file have been extracted, and can be read OK.
running the same command at a "regular" pdf file
gives similar results, but
$ pdfresurrect decl2011_43122204192.pdf -q
decl2011_43122204192.pdf: 1
only one version is present, so no additional files created.
OK for me.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA7-64-OK

Comment 5 Herman Viaene 2020-12-05 15:12:31 CET
Sorry, test file is too large and compresses very little.
Comment 6 Aurelien Oudelet 2020-12-05 17:30:04 CET
Validating
Advisory pushed to SVN.

Keywords: (none) => advisory, validated_update
CC: (none) => ouaurelien, sysadmin-bugs

Comment 7 Mageia Robot 2020-12-05 20:48:14 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0449.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

