Debian-LTS has issued an advisory on March 31: https://www.debian.org/lts/security/2021/dla-2612 The issues are fixed upstream in 1.80.0.
Status comment: (none) => Fixed upstream in 1.80.0
Fedora has issued an advisory for this on April 19: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JQUEA2X6UTH4DMYCMZAWE2QQLN5YANUA/
leptonica-1-80-0 has been submitted to 7/core/updates_testing ##################### Advisory This update fixes several heap-based buffer overflow and DoS vulnerabilities. ################### References From redhat: [ 1 ] Bug #1939138 - CVE-2020-36281 leptonica: heap-based buffer overflow in pixFewColorsOctcubeQuantMixed in colorquant1.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939138 [ 2 ] Bug #1939139 - CVE-2020-36281 mingw-leptonica: leptonica: heap-based buffer overflow in pixFewColorsOctcubeQuantMixed in colorquant1.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939139 [ 3 ] Bug #1939194 - CVE-2020-36277 leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939194 [ 4 ] Bug #1939195 - CVE-2020-36277 mingw-leptonica: leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939195 [ 5 ] Bug #1939196 - CVE-2020-36277 leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1939196 [ 6 ] Bug #1939201 - CVE-2020-36278 leptonica: heap-based buffer overflow in findNextBorderPixel in ccbord.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939201 [ 7 ] Bug #1939202 - CVE-2020-36278 mingw-leptonica: leptonica: heap-based buffer overflow in findNextBorderPixel in ccbord.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939202 [ 8 ] Bug #1939207 - CVE-2020-36279 leptonica: heap-based buffer overflow in rasteropGeneralLow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939207 [ 9 ] Bug #1939208 - CVE-2020-36279 mingw-leptonica: leptonica: heap-based buffer overflow in rasteropGeneralLow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939208 [ 10 ] Bug #1939211 - CVE-2020-36280 leptonica: heap-based buffer overflow in pixReadFromTiffStream [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939211 [ 11 ] Bug #1939212 - CVE-2020-36280 mingw-leptonica: leptonica: heap-based buffer overflow in pixReadFromTiffStream [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1939212 ################# Affected rpms lib64leptonica5-1.80.0-1.mga7.x86_64.rpm lib64leptonica-devel-1.80.0-1.mga7.x86_64.rpm leptonica-debugsource-1.80.0-1.mga7.x86_64.rpm lib64leptonica5-debuginfo-1.80.0-1.mga7.x86_64.rpm libleptonica5-1.80.0-1.mga7.i586.rpm libleptonica-devel-1.80.0-1.mga7.i586.rpm leptonica-debugsource-1.80.0-1.mga7.i586.rpm libleptonica5-debuginfo-1.80.0-1.mga7.i586.rpm leptonica-1.80.0-1.mga7.src.rpm ################ Testing No idea sorry.
Assignee: zen25000 => qa-bugs
CC: (none) => zen25000
Mageia7, x86_64 Ran tesseract, an OCR application, before updating leptonica. Original text in a bold font as a JPEG image: ---------------- Carol & Tommy ---------------- $ tesseract abc.jpg abc --psm 5 $ cat abc.txt g - - Sel ---------------- Tried PNG input format: $ tesseract abc.png abc_png --psm 5 Tesseract Open Source OCR Engine v4.0.0 with Leptonica Warning: Invalid resolution 0 dpi. Using 70 instead. $ cat abc_png.txt g w £ S e S ---------------- Not very useful really - can only assume that it is very fussy about fonts. No time to experiment. Updated the two libraries. $ tesseract abc.jpg abc --psm 5 Tesseract Open Source OCR Engine v4.0.0 with Leptonica Warning: Invalid resolution 0 dpi. Using 70 instead. $ cat abc.txt g - - Sel ---------------- The PNG image renedered the same text as before as well. So no obvious regression. Passing this for mga7.
CC: (none) => tarazed25Whiteboard: (none) => MGA7-64-OK
Addendum to comment 3. The application does work in some circumstances - tried an old test file and got near perfect results. $ tesseract test.tiff test1 --psm 4 Tesseract Open Source OCR Engine v4.0.0 with Leptonica Page 1 $ cat test1.txt 6. MAINTENANCE AND ADJUSTMENTS 6-1. GENERAL INFORMATION Notos Your transceiver has been factory aligned and 1. Record the date of purchase, serial number and tested to specification before shipment. Under dealer from whom purchased. _ normal circumstances the transceiver will operate 2. For your own information, retain a written record in accordance with these operating instructions. All of any maintenance performed on the unit. adjustable trimmers and coils in your transceiver 3. When claiming warranty service, please include were preset at the factory and should only be a photocopy of _the bill of sale, or other proof of readjusted by a qualified technician with proper purchase showing the date of sale. test equipment. Attempting service or alignment without factory authorization can void the transceiver's warranty. 6-3. CLEANING ----------------------------------------------------------------- Alignment is not preserved but that should not be expected because text was arranged in separate non-aligned blocks in two different font sizes. It is good anyway.
Created attachment 12820 [details] Test image for OCR
Validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Advisory: ======================== Updated leptonica packages fix security vulnerabilities Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c (CVE-2020-36277). Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c (CVE-2020-36278). Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c (CVE-2020-36279). Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c (CVE-2020-36280). Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c (CVE-2020-36281). References: - https://bugs.mageia.org/show_bug.cgi?id=28994 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36277 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36278 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36279 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36280 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36281 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JQUEA2X6UTH4DMYCMZAWE2QQLN5YANUA/ - https://www.debian.org/lts/security/2021/dla-2612 ======================== Updated packages in core/updates_testing: ======================== lib(64)leptonica5-1.80.0-1.mga7 lib(64)leptonica-devel-1.80.0-1.mga7 leptonica-debugsource-1.80.0-1.mga7 lib(64)leptonica5-debuginfo-1.80.0-1.mga7 from SRPM: leptonica-1.80.0-1.mga7
CVE: (none) => CVE-2020-3627[7-9] and CVE-2020-3628[0-1]CC: (none) => ouaurelienStatus comment: Fixed upstream in 1.80.0 => (none)Summary: leptonica new security issues CVE-2020-3627[7-9] and CVE-2020-36281 => leptonica new security issues CVE-2020-3627[7-9] and CVE-2020-3628[0-1]
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0290.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED