blob: 2ed543c6c202050889e8b2c537f374538072d690 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
|
commit d5187355f6e0de529b562569509a1851dda7ad84
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-17 20:16:28 +0900
NEWS: Document changes for 1.0.30 release
commit 1fe94e6674d0572d2408361903730f012c60fc6c
Merge: 898ab1834864 5104b80fc8f0
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-17 16:26:00 +0900
Merge branch '279-confidential-issue' into release/1.0.30
commit 5104b80fc8f0d6528b856233a52846a414ae6616
Merge: f38c9f0d64a5 30b1831a28f2
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-14 09:36:25 +0000
Merge branch 'mitigate-epsonds-net-security-issue' into '279-confidential-issue'
epsonds: Mitigate potential network related security issues. Re #279
See merge request paddy-hack/backends!9
commit 30b1831a28f24ab2921b9f717c66d37f02bb81cc
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-11 21:07:12 +0900
epsonds: Mitigate potential network related security issues. Re #279
This pre-empts the possibility of triggering GHSL-2020-079, GHSL-2020-080
and GHSL-2020-081.
commit f38c9f0d64a52697562abdfbf9c9044cb1b7e897
Merge: 3d005c2570a7 b9b0173409df
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-07 09:42:42 +0000
Merge branch 'issue09-esci2-img-buffer-size-check' into '279-confidential-issue'
epsonds: Prevent possible buffer overflow when reading image data
See merge request paddy-hack/backends!8
commit b9b0173409df73e235da2aa0dae5edd21fb55967
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-04-27 18:48:29 +0900
epsonds: Prevent possible buffer overflow when reading image data
Addresses GHSL-2020-084, re #279.
commit 3d005c2570a71fe93a63192d9c47ee54cb39049b
Merge: 226d9c92899f 27ea994d23ee
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-06 04:06:49 +0000
Merge branch 'issue05-out-of-bounds-read-decode_binary' into '279-confidential-issue'
epsonds: Do not read beyond the end of the token
See merge request paddy-hack/backends!5
commit 27ea994d23ee52fe1ec1249c92ebc1080a358288
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-04-30 21:15:45 +0900
epsonds: Do not read beyond the end of the token
Addresses GHSL-2020-082, re #279.
commit 226d9c92899facf4b22b98c73be6ad2cd0effc4a
Merge: 02b5d33b7a7c db9480b09ea8
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-06 04:05:59 +0000
Merge branch 'issue07-out-of-bounds-read-in-esci2_check_header' into '279-confidential-issue'
epsonds: Read only up to seven hexdigits to determine payload size
See merge request paddy-hack/backends!6
commit db9480b09ea807e52029f2334769a55d4b95e45b
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-04-27 18:24:56 +0900
epsonds: Read only up to seven hexdigits to determine payload size
Addresses GHSL-2020-083, re #279.
commit 02b5d33b7a7c0b72137f5b968c46a1d52a75aa63
Merge: 4c9e4efd4a82 8682023faa27
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-06 04:04:18 +0000
Merge branch 'issue08-integer-overflow-sanei_tcp_read' into '279-confidential-issue'
sanei: Integer overflow sanei tcp read
See merge request paddy-hack/backends!7
commit 8682023faa27c61156a354955c89617a3304d66f
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-04 11:54:35 +0900
sanei_tcp: Address possible integer overflow. Re #279, issue 8
commit fe08bbee6b238ea0be73af67b560ffc2c47562fd
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-04 11:48:46 +0900
epsonds: Handle error condition. Re #279, issue 8
commit 4c9e4efd4a82214719eeb1377a900e3a85c1c369
Merge: 2b4aa45bad61 fff83e7eacd0
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-06 04:03:19 +0000
Merge branch 'issue01-null-pointer-deref-sanei_epson_net_read' into '279-confidential-issue'
epson2: Rewrite network I/O
See merge request paddy-hack/backends!3
commit fff83e7eacd0f27bb2d71c42488e0fd735c15ac3
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-04-30 18:24:51 +0900
epson2: Rewrite network I/O
This addresses GHSL-2020-075 as well as all other problematic code
uncovered as a result of investigating that. This includes:
- buffer overflows due to use of unchecked lengths
- integer overflows due to type conversions
- potential memory leaks
- checking for memory allocation failures
Re #279.
commit 2b4aa45bad61d5e34996645581a606fd8795a48c
Merge: 37b142494bf6 07e3834127f8
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-04 08:24:19 +0000
Merge branch 'issue11-read_of_uninitialized_data' into '279-confidential-issue'
magicolor: Added security mediation to device discovery
See merge request paddy-hack/backends!2
commit 07e3834127f8bcd9dac02b91c17127dc41fbfb5b
Author: Ralph Little <skelband@gmail.com>
Date: 2020-04-30 23:21:00 -0700
magicolor: Added security mediation to device discovery
Extraction of values from the SNMP response were not checked.
Also fixed a bug that mistakenly matched any SNMP OIDs with the
first model in the model list, in function mc_get_device_from_identification().
commit 37b142494bf659d8147b6f0fcb8629408717d14d
Merge: e52a5bf71979 af0442f15cc9
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-05-04 05:28:37 +0000
Merge branch 'issue10-SIGFPE-in-mc_setup_block_mode' into '279-confidential-issue'
magicolor: Added security remediation for pixels_per_line.
See merge request paddy-hack/backends!1
commit af0442f15cc966bbc3d7d9322380005ea0ee8340
Author: Ralph Little <skelband@gmail.com>
Date: 2020-04-26 13:04:41 -0700
magicolor: Added security remediation for pixels_per_line.
This implements a security issue reported by GitHub Security Lab.
The details are disclosed in GitLab issue #279.
The issue relates to an invalid scan parameter block being sent to
the backend containing 8 bytes of 0x00 which leads to pixels_per_line
being set to 0. Later arithmetic involves the division by this value
which causes a div by zero crash.
commit 898ab1834864e3b813f0d0ae234f38ac05813756
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-02-06 20:56:21 +0900
Really remove libxml2 linker/loader flags from dependencies. Re #239
commit 76bf742aba32ec1ed4ae641285f8e6a0b038326d
Author: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: 2020-02-05 21:30:11 +0900
Remove libxml2 linker/loader flags from dependencies. Re #239
|
