[SECURITY] [DLA 3495-2] php-dompdf regression update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3495-2] php-dompdf regression update
From: Bastien Roucaries <rouca@debian.org>
Date: Fri, 11 Aug 2023 09:02:38 +0000
Message-id: <[🔎] 3e04711194fee780e4bf47049b2e705c.rouca@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3495-2                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien RoucariÃ¨s
August 10, 2023                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : php-dompdf
Version        : 0.6.2+dfsg-3+deb10u2
CVE ID         : CVE-2021-3838

Ubuntu security team noted after extensive testing that DLA-3495-1
was incomplete as one PoC for CVE-2022-2400 (particularly the
chroot escape) was still working on the patched version of
the package.

Further analysis of the upstream patch and  DLA-3495-1 version
helped to identify that the vulnerability was still present due to
DLA 3495-1 not including commit 7adf00f9, which added chroot checks
to one of the code path.

Special thanks to Camila Camargo de Matos of Ubuntu security team.

For Debian 10 buster, this problem has been fixed in version
0.6.2+dfsg-3+deb10u2.

We recommend that you upgrade your php-dompdf packages.

For the detailed security status of php-dompdf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php-dompdf

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmTV+S0ACgkQADoaLapB
CF+fzA/+IEhPFe6aORNDp+bmugxgpYdan9P7yFYoEsBOw0S08mOLhCtKJ6PZU4l2
O60/vK4RtbCoEM4pyvw6b8X1TKjARCXOnB2CoG/nfHIITpIp/9KQSalimuexL0Kt
q20ze3Eu4xNNff5pA7QZShW+ykjsHHECOy4WPPb3nSjdRHphuRlitcRDhD0O/HQM
WJtq1mX/ZgEj9kH77LeBf64NHZ2yxGpmae4xKOa+kF1IEGIO2+pbaUP1jq1P+wQ/
leGfTdUKEN+IpaPCIC+8HvLjp22phrXBQJm93fQz+jKBaVY6iFoe/zW9kDv2SOwM
ZZtFWvZkmdHSH+GQCKadzygwK1Gsm5YN2+mzEypBjksFnMp92KXnpzYtCod4Yda5
RM+bkg2cis9APc690KzuLmH5W9c1loAa1RfvwO2UwHtH1b+yjuO3QPS3SLtavAdp
F7yDJlPQwYZ9IrXlZlCXjS6kJfQI2zEqxKXDlqbgzHLIKNJcJ2HY3RzjSj3FCEU6
VpiqbABX84Vig6F5hJ9qo1g/cRw80tmjWRjnh1PluAEioU9hyXC4o7YmXbbZTCsg
+H5uo58otWWW9B+SqTqz3iQUo39w0Xaj9zn/r/XSgTS7NCP0J1M7oCw+1MSrJlfT
ERpI5r6u7gETAt+jSwupE2Oqz7uC2f+OKYPS4uk0uu8+86xuOhM=
=20sV
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3524-1] linux security update
Next by Date: [SECURITY] [DLA 3525-1] linux-5.10 security update
Previous by thread: [SECURITY] [DLA 3524-1] linux security update
Next by thread: [SECURITY] [DLA 3525-1] linux-5.10 security update
Index(es):
- Date
- Thread