leptonica-devel-1.80.0-1.9 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10914 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z leptonica-devel-1.80.0-1.9 on GA media These are all security issues fixed in the leptonica-devel-1.80.0-1.9 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10914 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10914 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2017-18196/ SUSE CVE CVE-2017-18196 page https://www.suse.com/security/cve/CVE-2018-3836/ SUSE CVE CVE-2018-3836 page https://www.suse.com/security/cve/CVE-2018-7186/ SUSE CVE CVE-2018-7186 page https://www.suse.com/security/cve/CVE-2018-7247/ SUSE CVE CVE-2018-7247 page https://www.suse.com/security/cve/CVE-2018-7440/ SUSE CVE CVE-2018-7440 page https://www.suse.com/security/cve/CVE-2018-7441/ SUSE CVE CVE-2018-7441 page https://www.suse.com/security/cve/CVE-2018-7442/ SUSE CVE CVE-2018-7442 page openSUSE Tumbleweed leptonica-devel-1.80.0-1.9 leptonica-tools-1.80.0-1.9 liblept5-1.80.0-1.9 liblept5-32bit-1.80.0-1.9 leptonica-devel-1.80.0-1.9 as a component of openSUSE Tumbleweed leptonica-tools-1.80.0-1.9 as a component of openSUSE Tumbleweed liblept5-1.80.0-1.9 as a component of openSUSE Tumbleweed liblept5-32bit-1.80.0-1.9 as a component of openSUSE Tumbleweed Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as demonstrated by /tmp/ANY/PATH/ANY/PATH/input.tif. CVE-2017-18196 openSUSE Tumbleweed:leptonica-devel-1.80.0-1.9 openSUSE Tumbleweed:leptonica-tools-1.80.0-1.9 openSUSE Tumbleweed:liblept5-1.80.0-1.9 openSUSE Tumbleweed:liblept5-32bit-1.80.0-1.9 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-18196.html CVE-2017-18196 https://bugzilla.suse.com/1082843 SUSE Bug 1082843 An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability. CVE-2018-3836 openSUSE Tumbleweed:leptonica-devel-1.80.0-1.9 openSUSE Tumbleweed:leptonica-tools-1.80.0-1.9 openSUSE Tumbleweed:liblept5-1.80.0-1.9 openSUSE Tumbleweed:liblept5-32bit-1.80.0-1.9 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-3836.html CVE-2018-3836 https://bugzilla.suse.com/1079358 SUSE Bug 1079358 https://bugzilla.suse.com/1082747 SUSE Bug 1082747 Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions. CVE-2018-7186 openSUSE Tumbleweed:leptonica-devel-1.80.0-1.9 openSUSE Tumbleweed:leptonica-tools-1.80.0-1.9 openSUSE Tumbleweed:liblept5-1.80.0-1.9 openSUSE Tumbleweed:liblept5-32bit-1.80.0-1.9 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-7186.html CVE-2018-7186 https://bugzilla.suse.com/1081576 SUSE Bug 1081576 https://bugzilla.suse.com/1081631 SUSE Bug 1081631 An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact. CVE-2018-7247 openSUSE Tumbleweed:leptonica-devel-1.80.0-1.9 openSUSE Tumbleweed:leptonica-tools-1.80.0-1.9 openSUSE Tumbleweed:liblept5-1.80.0-1.9 openSUSE Tumbleweed:liblept5-32bit-1.80.0-1.9 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-7247.html CVE-2018-7247 https://bugzilla.suse.com/1081631 SUSE Bug 1081631 An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $(command) approach in the gplot rootname argument. This issue exists because of an incomplete fix for CVE-2018-3836. CVE-2018-7440 openSUSE Tumbleweed:leptonica-devel-1.80.0-1.9 openSUSE Tumbleweed:leptonica-tools-1.80.0-1.9 openSUSE Tumbleweed:liblept5-1.80.0-1.9 openSUSE Tumbleweed:liblept5-32bit-1.80.0-1.9 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-7440.html CVE-2018-7440 https://bugzilla.suse.com/1079358 SUSE Bug 1079358 https://bugzilla.suse.com/1082747 SUSE Bug 1082747 Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race condition, as demonstrated by /tmp/junk_split_image.ps in prog/splitimage2pdf.c. CVE-2018-7441 openSUSE Tumbleweed:leptonica-devel-1.80.0-1.9 openSUSE Tumbleweed:leptonica-tools-1.80.0-1.9 openSUSE Tumbleweed:liblept5-1.80.0-1.9 openSUSE Tumbleweed:liblept5-32bit-1.80.0-1.9 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-7441.html CVE-2018-7441 https://bugzilla.suse.com/1082749 SUSE Bug 1082749 An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite. CVE-2018-7442 openSUSE Tumbleweed:leptonica-devel-1.80.0-1.9 openSUSE Tumbleweed:leptonica-tools-1.80.0-1.9 openSUSE Tumbleweed:liblept5-1.80.0-1.9 openSUSE Tumbleweed:liblept5-32bit-1.80.0-1.9 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-7442.html CVE-2018-7442 https://bugzilla.suse.com/1082748 SUSE Bug 1082748