Re: [Tools-discuss] RFC PDF crashes viewer
Michael Richardson <mcr@sandelman.ca> Sat, 27 June 2020 03:31 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: tools-discuss@ietfa.amsl.com
Delivered-To: tools-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9427A3A0A1B for <tools-discuss@ietfa.amsl.com>; Fri, 26 Jun 2020 20:31:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uLcJxr7Rliu7 for <tools-discuss@ietfa.amsl.com>; Fri, 26 Jun 2020 20:31:15 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3BC443A0A1A for <tools-discuss@ietf.org>; Fri, 26 Jun 2020 20:31:14 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 1F848389A2; Fri, 26 Jun 2020 23:28:30 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id hZbPUcHvC0fM; Fri, 26 Jun 2020 23:28:29 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 0F5763899F; Fri, 26 Jun 2020 23:28:29 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id A271F1D3; Fri, 26 Jun 2020 23:31:12 -0400 (EDT)
From: Michael Richardson <mcr@sandelman.ca>
To: Erik Auerswald <auerswal@unix-ag.uni-kl.de>, tools-discuss@ietf.org
In-Reply-To: <20200626165123.GA24364@unix-ag.uni-kl.de>
References: <0DE4B90E-B03A-45BB-959B-89B695217188@tzi.org> <20200626165123.GA24364@unix-ag.uni-kl.de>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <7241.1593228672.1@localhost>
Content-Transfer-Encoding: quoted-printable
Date: Fri, 26 Jun 2020 23:31:12 -0400
Message-ID: <7242.1593228672@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/bisztKF6HF_qJOHnGcc1UMM9a4c>
Subject: Re: [Tools-discuss] RFC PDF crashes viewer
X-BeenThere: tools-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tools-discuss>, <mailto:tools-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-discuss/>
List-Post: <mailto:tools-discuss@ietf.org>
List-Help: <mailto:tools-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tools-discuss>, <mailto:tools-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Jun 2020 03:31:18 -0000
Erik Auerswald <auerswal@unix-ag.uni-kl.de> wrote: > On Fri, Jun 26, 2020 at 05:44:35PM +0200, Carsten Bormann wrote: >> This is undoubtedly a bug in the viewer, but I have received a report >> the PDF viewer evince (tested with versions 3.30.2 and 3.36.5, i.e., >> newer than CVE-2019-1010006) crashes when trying to view: >> >> https://www.rfc-editor.org/rfc/rfc8798.pdf >> >> I have no further data at this time. > I can confirm this for evince in Ubuntu 18.04 LTS with current updates: and for evince GNOME Document Viewer 3.30.2 for me. on Devuan Beowulf (same as Debian Bullseye) on amd64. Chrome's built-in viewer did not crash. > CVE-2019-1010006 should be fixed there, too, see: > https://usn.ubuntu.com/4067-1/ Thanks. > There were more PDF renderings of RFCs evince could not handle (or rather > cannot handle since) then, e.g. RFC 8650 and RFC 8651: > $ evince rfc8650.pdf > Segmentation fault (core dumped) > $ evince rfc8651.pdf > Segmentation fault (core dumped) :-( -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
- [Tools-discuss] RFC PDF crashes viewer Carsten Bormann
- Re: [Tools-discuss] RFC PDF crashes viewer Erik Auerswald
- Re: [Tools-discuss] RFC PDF crashes viewer Russ Housley
- Re: [Tools-discuss] RFC PDF crashes viewer Erik Auerswald
- Re: [Tools-discuss] RFC PDF crashes viewer Michael Richardson
- Re: [Tools-discuss] RFC PDF crashes viewer Erik Auerswald
- Re: [Tools-discuss] RFC PDF crashes viewer John Levine
- Re: [Tools-discuss] RFC PDF crashes viewer John Levine
- Re: [Tools-discuss] RFC PDF crashes viewer Adam Roach
- Re: [Tools-discuss] RFC PDF crashes viewer John R Levine
- Re: [Tools-discuss] RFC PDF crashes viewer John R Levine
- Re: [Tools-discuss] RFC PDF crashes viewer Carsten Bormann
- Re: [Tools-discuss] RFC PDF crashes viewer John R Levine
- Re: [Tools-discuss] RFC PDF crashes viewer Erik Auerswald
- Re: [Tools-discuss] RFC PDF crashes viewer Erik Auerswald