1. Forum
  2. Usenet
  3. LINUX.DEBIAN.DEVEL.RELEAS

  • Bug#1101561: bookworm-pu: package fig2dev/1:3.2.8b-3+deb12u1

    From Roland Rosenfeld@21:1/5 to All on Sat Mar 29 12:40:01 2025
    XPost: linux.debian.bugs.dist

    Package: release.debian.org
    Severity: normal
    Tags: bookworm
    User: [email protected]
    Usertags: pu
    X-Debbugs-Cc: [email protected]
    Control: affects -1 + src:fig2dev

    [ Reason ]
    This fixes CVE-2025-31162, CVE-2025-31163, CVE-2025-31164
    (segmentation faults in the pict2e driver of fig2dev).

    [ Impact ]
    Segmentation faults with some special cases and a minor security
    issue.

    [ Tests ]
    salsa-ci passed except reprotest (this seems to build the package with
    sid instead of bookworm, with uses a newer different ghostscript
    version, resulting in a slightly different gray rastering with two
    more dots in an example, so one test in the testsuite fails): https://salsa.debian.org/debian/fig2dev/-/pipelines/840929

    The patches for CVE-2025-31163 and CVE-2025-31164 add new test cases
    (for these bugs) which run successfully.

    [ Risks ]
    Hopefully none...

    [ Checklist ]
    [x] *all* changes are documented in the d/changelog
    [x] I reviewed all changes and I approve them
    [x] attach debdiff against the package in (old)stable
    [x] the issue is verified as fixed in unstable

    [ Changes ]
    - fix for CVE-2025-31162
    - fix for CVE-2025-31163
    - fix for CVE-2025-31164
    - Change in debian/salsa-ci.yml to build with bookworm instead of sid

    [ Other info ]
    I was asked by Salvatore Bonaccorso <[email protected]> from the
    security team to upload this to the next point release instead of
    fixing via DSA, because of the low severity of the CVEs.

    Greetings
    Roland

    diff -Nru fig2dev-3.2.8b/debian/changelog fig2dev-3.2.8b/debian/changelog
    --- fig2dev-3.2.8b/debian/changelog 2022-09-20 17:24:07.000000000 +0200
    +++ fig2dev-3.2.8b/debian/changelog 2025-03-28 22:51:19.000000000 +0100
    @@ -1,3 +1,11 @@
    +fig2dev (1:3.2.8b-3+deb12u1) bookworm; urgency=medium
    +
    + * 38_CVE-2025-31162: Reject huge pattern lengths.
    + * 39_CVE-2025-31163: Reject arcs with co-incident points.
    + * 40_CVE-2025-31164: Allow an arc-box with zero radius.
    +
    + -- Roland Rosenfeld <[email protected]> Fri, 28 Mar 2025 22:51:19 +0100
    +
    fig2dev (1:3.2.8b-3) unstable; urgency=medium

    [ Roland Rosenfeld ]
    diff -Nru fig2dev-3.2.8b/debian/patches/38_CVE-2025-31162.patch fig2dev-3.2.8b/debian/patches/38_CVE-2025-31162.patch
    --- fig2dev-3.2.8b/debian/patches/38_CVE-2025-31162.patch 1970-01-01 01:00:00.000000000 +0100
    +++ fig2dev-3.2.8b/debian/patches/38_CVE-2025-31162.patch 2025-03-28 22:51:19.000000000 +0100
    @@ -0,0 +1,27 @@
    +From: Thomas Loimer <[email protected]>
    +Date: Wed, 22 Jan 2025 23:18:54 +0100
    +Origin: upstream, https://sourceforge.net/p/mcj/f
  • From Debian Bug Tracking System@21:1/5 to All on Mon Apr 14 21:50:01 2025
    Processing control commands:

    tag -1 confirmed
    Bug #1101561 [release.debian.org] bookworm-pu: package fig2dev/1:3.2.8b-3+deb12u1
    Added tag(s) confirmed.

    --
    1101561: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101561
    Debian Bug Tracking System
    Contact [email protected] with problems

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Debian Bug Tracking System@21:1/5 to All on Sat May 17 11:50:17 2025
    This is a multi-part message in MIME format...

    Your message dated Sat, 17 May 2025 09:37:57 +0000
    with message-id <[email protected]>
    and subject line Close 1101561
    has caused the Debian Bug report #1101561,
    regarding bookworm-pu: package fig2dev/1:3.2.8b-3+deb12u1
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected]
    immediately.)


    --
    1101561: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101561
    Debian Bug Tracking System
    Contact [email protected] with problems

    Received: (at submit) by bugs.debian.org; 29 Mar 2025 11:37:25 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02
    (2021-04-09) on buxtehude.debian.org
    X-Spam-Level:
    X-Spam-Status: No, score=-127.0 required=4.0 tests=BAYES_00,
    BODY_INCLUDES_CONTROL_AFFECTS,BODY_INCLUDES_PACKAGE,DKIMWL_WL_HIGH,
    DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FROMDEVELOPER,HAS_PACKAGE,
    HEADER_FROM_DIFFERENT_DOMAINS,SPF_HELO_NONE,SPF_PASS,
    USER_IN_DKIM_WELCOMELIST,USER_IN_DKIM_WHITELIST autolearn=ham
    autolearn_force=no version=3.4.6-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 160; hammy, 150; neutral, 270; spammy,
    0. spammytokens: hammytokens:0.000-+--XDebbugsCc,
    0.000-+--X-Debbugs-Cc, 0.000-+--bookworm, 0.000-+--deb12u1,
    0.000-+--typedef
    Return-path: <[email protected]>
    Received: from luv-v6.spinnaker.de ([2001:4dd0:42::1