| Name | CVE-2005-3628 |
| Description | Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DSA-931-1, DSA-932-1, DSA-936-1, DSA-937-1, DSA-938-1, DSA-940-1, DSA-950-1, DSA-961-1, DSA-962-1, DTSA-28-1 |
| Debian Bugs | 342286, 342294 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| cups (PTS) | jessie, jessie (lts) | 1.7.5-11+deb8u12 | fixed |
| stretch (security) | 2.2.1-8+deb9u8 | fixed | |
| stretch (lts), stretch | 2.2.1-8+deb9u12 | fixed | |
| buster, buster (lts) | 2.2.10-6+deb10u11 | fixed | |
| buster (security) | 2.2.10-6+deb10u10 | fixed | |
| bullseye | 2.3.3op2-3+deb11u8 | fixed | |
| bullseye (security) | 2.3.3op2-3+deb11u9 | fixed | |
| bookworm (security), bookworm | 2.4.2-3+deb12u8 | fixed | |
| sid, trixie | 2.4.10-2 | fixed | |
| libextractor (PTS) | jessie, jessie (lts) | 1:1.3-2+deb8u5 | fixed |
| stretch (security), stretch (lts), stretch | 1:1.3-4+deb9u4 | fixed | |
| buster | 1:1.8-2+deb10u1 | fixed | |
| bullseye | 1:1.11-2 | fixed | |
| bookworm | 1:1.11-7 | fixed | |
| sid, trixie | 1:1.13-7 | fixed | |
| xpdf (PTS) | jessie | 3.03-17 | fixed |
| stretch | 3.04-4 | fixed | |
| buster | 3.04-13 | fixed | |
| bullseye | 3.04+git20210103-3 | fixed | |
| bookworm | 3.04+git20220601-1 | fixed | |
| sid, trixie | 3.04+git20240613-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| cups | source | (unstable) | 1.1.22-7 | |||
| cupsys | source | woody | 1.1.14-5woody14 | DSA-950-1 | ||
| cupsys | source | sarge | (not affected) | DSA-950-1 | ||
| cupsys | source | (unstable) | 1.1.22-7 | |||
| gpdf | source | sarge | 2.8.2-1.2sarge2 | DSA-940-1 | ||
| gpdf | source | etch | 2.10.0-1+etch1 | DTSA-28-1 | ||
| gpdf | source | (unstable) | 2.10.0-2 | 342286 | ||
| kdegraphics | source | sarge | 4:3.3.2-2sarge3 | DSA-932-1 | ||
| kdegraphics | source | (unstable) | 4:3.5.0-3 | |||
| koffice | source | sarge | 1:1.3.5-4.sarge.2 | DSA-938-1 | ||
| koffice | source | (unstable) | 1:1.4.2-6 | 342294 | ||
| libextractor | source | sarge | 0.4.2-2sarge2 | DSA-936-1 | ||
| libextractor | source | (unstable) | 0.5.9-1 | |||
| pdfkit.framework | source | sarge | 0.8-2sarge1 | DSA-961-1 | ||
| pdfkit.framework | source | (unstable) | 0.8-4 | |||
| pdftohtml | source | sarge | 0.36-11sarge1 | DSA-962-1 | ||
| pdftohtml | source | (unstable) | 0.36-12 | |||
| tetex-bin | source | woody | 1.0.7+20011202-7.7 | DSA-937-1 | ||
| tetex-bin | source | sarge | 2.0.2-30sarge4 | DSA-937-1 | ||
| tetex-bin | source | (unstable) | 3.0-12 | |||
| xpdf | source | woody | 1.00-3.8 | DSA-931-1 | ||
| xpdf | source | sarge | 3.00-13.4 | DSA-931-1 | ||
| xpdf | source | (unstable) | 3.01-4 |
cupsys switched to an external PDF implementation in 1.1.22-7.
tetex-bin switched to poppler in 3.0-12.