Name | CVE-2019-11459 |
Description | The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DLA-1881-1, DLA-1882-1, DSA-4624-1 |
Debian Bugs | 927820, 927821 |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
atril (PTS) | jessie, jessie (lts) | 1.8.1+dfsg1-4+deb8u2 | fixed |
stretch | 1.16.1-2+deb9u2 | fixed | |
stretch (security), stretch (lts) | 1.16.1-2+deb9u1 | vulnerable | |
buster (security), buster, buster (lts) | 1.20.3-1+deb10u2 | fixed | |
bullseye (security), bullseye | 1.24.0-1+deb11u1 | fixed | |
bookworm (security), bookworm | 1.26.0-2+deb12u3 | fixed | |
sid | 1.26.2-3 | fixed | |
evince (PTS) | jessie, jessie (lts) | 3.14.1-2+deb8u3 | fixed |
stretch (security) | 3.22.1-3+deb9u2 | fixed | |
stretch (lts), stretch | 3.22.1-3+deb9u3 | fixed | |
buster (security), buster, buster (lts) | 3.30.2-3+deb10u1 | fixed | |
bullseye | 3.38.2-1 | fixed | |
bookworm | 43.1-2 | fixed | |
sid, trixie | 46.3.1-1 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
atril | source | jessie | 1.8.1+dfsg1-4+deb8u2 | DLA-1882-1 | ||
atril | source | stretch | 1.16.1-2+deb9u2 | |||
atril | source | buster | 1.20.3-1+deb10u1 | |||
atril | source | (unstable) | 1.22.3-1 | unimportant | 927821 | |
evince | source | jessie | 3.14.1-2+deb8u3 | DLA-1881-1 | ||
evince | source | stretch | 3.22.1-3+deb9u2 | DSA-4624-1 | ||
evince | source | buster | 3.30.2-3+deb10u1 | |||
evince | source | (unstable) | 3.32.0-3 | unimportant | 927820 |
https://gitlab.gnome.org/GNOME/evince/issues/1129
Fixed by: https://gitlab.gnome.org/GNOME/evince/commit/3e38d5ad724a042eebadcba8c2d57b0f48b7a8c7
Negligible security impact