1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.RC

  • Bug#1108729: djvulibre: CVE-2025-53367

    From Salvatore Bonaccorso@21:1/5 to All on Fri Jul 4 06:40:02 2025
    Source: djvulibre
    Version: 3.5.28-2
    Severity: grave
    Tags: security upstream
    Justification: user security hole
    X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

    Hi,

    The following vulnerability was published for djvulibre.

    CVE-2025-53367[0]:
    | DjVuLibre is a GPL implementation of DjVu, a web-centric format for
    | distributing documents and images. Prior to version 3.5.29, the
    | MMRDecoder::scanruns method is affected by an OOB-write
    | vulnerability, because it does not check that the xr pointer stays
    | within the bounds of the allocated buffer. This can lead to writes
    | beyond the allocated memory, resulting in a heap corruption
    | condition. An out-of-bounds read with pr is also possible for the
    | same reason. This issue has been patched in version 3.5.29.


    If you fix the vulnerability please also make sure to include the
    CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

    For further information see:

    [0] https://security-tracker.debian.org/tracker/CVE-2025-53367
    https://www.cve.org/CVERecord?id=CVE-2025-53367
    [1] https://sourceforge.net/p/djvu/djvulibre-git/ci/33f645196593d70bd5e37f55b63886c31c82c3da/
    [2] https://www.openwall.com/lists/oss-security/2025/07/03/1

    Please adjust the affected versions in the BTS as needed.

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Debian Bug Tracking System@21:1/5 to All on Fri Jul 4 07:50:01 2025
    Processing control commands:

    tags 1108729 + patch
    Bug #1108729 [src:djvulibre] djvulibre: CVE-2025-53367
    Added tag(s) patch.
    tags 1108729 + pending
    Bug #1108729 [src:djvulibre] djvulibre: CVE-2025-53367
    Added tag(s) pending.

    --
    1108729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108729
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Debian Bug Tracking System@21:1/5 to All on Fri Jul 4 17:10:01 2025
    This is a multi-part message in MIME format...

    Your message dated Fri, 04 Jul 2025 15:04:23 +0000
    with message-id <E1uXhxf-006DXA-Gg@fasolo.debian.org>
    and subject line Bug#1108729: fixed in djvulibre 3.5.28-2.1
    has caused the Debian Bug report #1108729,
    regarding djvulibre: CVE-2025-53367
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    1108729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108729
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems

    Received: (at submit) by bugs.debian.org; 4 Jul 2025 04:29:43 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1-bugs.debian.org_2005_01_02
    (2024-03-25) on buxtehude.debian.org
    X-Spam-Level:
    X-Spam-Status: No, score=-9.4 required=4.0 tests=BAYES_00,FROMDEVELOPER,
    KHOP_HELO_FCRDNS,MD5_SHA1_SUM,RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,
    RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED,
    RDNS_DYNAMIC,SPF_HELO_NONE,SPF_NONE,XMAILER_REPORTBUG autolearn=ham
    autolearn_force=no version=4.0.1-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 29; hammy, 149; neutral, 50; spammy,
    1. spammytokens:0.944-+--H*r:bugs.debian.org
    hammytokens:0.000-+--H*F:U*carnil, 0.000-+--XDebbugsCc,
    0.000-+--X-Debbugs-Cc, 0.000-+--H*r:eldamar.lan, 0.000-+--H*M:reportbug Return-path: <carnil@debian.org>
    Received: from c-82-192-244-13.customer.ggaweb.ch ([82
  • From Debian Bug Tracking System@21:1/5 to All on Tue Jul 8 09:20:01 2025
    This is a multi-part message in MIME format...

    Your message dated Tue, 08 Jul 2025 07:17:51 +0000
    with message-id <E1uZ2aN-0064JE-Im@fasolo.debian.org>
    and subject line Bug#1108729: fixed in djvulibre 3.5.28-2.1~deb12u1
    has caused the Debian Bug report #1108729,
    regarding djvulibre: CVE-2025-53367
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    1108729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108729
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems

    Received: (at submit) by bugs.debian.org; 4 Jul 2025 04:29:43 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1-bugs.debian.org_2005_01_02
    (2024-03-25) on buxtehude.debian.org
    X-Spam-Level:
    X-Spam-Status: No, score=-9.4 required=4.0 tests=BAYES_00,FROMDEVELOPER,
    KHOP_HELO_FCRDNS,MD5_SHA1_SUM,RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,
    RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED,
    RDNS_DYNAMIC,SPF_HELO_NONE,SPF_NONE,XMAILER_REPORTBUG autolearn=ham
    autolearn_force=no version=4.0.1-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 29; hammy, 149; neutral, 50; spammy,
    1. spammytokens:0.944-+--H*r:bugs.debian.org
    hammytokens:0.000-+--H*F:U*carnil, 0.000-+--XDebbugsCc,
    0.000-+--X-Debbugs-Cc, 0.000-+--H*r:eldamar.lan, 0.000-+--H*M:reportbug Return-path: <carnil@debian.org>
    Received: from c-82-192-244-13.customer.ggaweb.ch ([82