Bug 5124

Summary: Updated sane packages fix security vulnerabilities CVE-2020-12861
Product: [ROSA-based products] ROSA Fresh Reporter: Zombie Ryushu <zombie.ryushu>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: CONFIRMED --- QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: alzim, andrey.bondrov, denis.silakov, mc2374
Version: Fresh   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://advisories.mageia.org/MGASA-2020-0360.html
Whiteboard:
Platform: 2016.1 ROSA Vulnerability identifier: CVE-2020-12861
RPM Package: sane ISO-related:
Bad POT generating: Upstream:

Description Zombie Ryushu 2015-03-03 05:53:14 MSK 
Some scanners need overrides set in sane's configuration for them to work properly.

(For example my ScanMagic 1200 UB Plus needs override "mustek-scanexpress-1200-ub-plus" otherwise xsane and friends will fail to connect to it. This is not set by mcc.)

Some scanners should be auto-detected, as mcc already attempts to detect the scanner. However considering that these scanners may use the same usb vendor and product ids, it would be nice to have an option to manually set the overrides in mcc. (As it seems proper auto-detection of the device may not be possible.)

This would prevent a user complaining about a device not working after using mcc to configure it and it's firmware. (If needed.) 

As it is, a user may need to lookup the sane back end's documentation to figure out why it does not work, and alter the config files manually. Even if the scanner was auto-detected.
Comment 1 Zombie Ryushu 2020-11-18 03:37:05 MSK 
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious
device connected to the same local network as the victim to execute arbitrary
code, aka GHSL-2020-080. (CVE-2020-12861)

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious
device connected to the same local network as the victim to read important
information, such as the ASLR offsets of the program, aka GHSL-2020-082.
(CVE-2020-12862)

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious
device connected to the same local network as the victim to read important
information, such as the ASLR offsets of the program, aka GHSL-2020-083.
(CVE-2020-12863)

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious
device connected to the same local network as the victim to read important
information, such as the ASLR offsets of the program, aka GHSL-2020-081.
(CVE-2020-12864)

A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious
device connected to the same local network as the victim to execute arbitrary
code, aka GHSL-2020-084. (CVE-2020-12865)

A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious
device connected to the same local network as the victim to cause a denial of
service, GHSL-2020-079. (CVE-2020-12866)

A NULL pointer dereference in sanei_epson_net_read in SANE Backends before
1.0.30 allows a malicious device connected to the same local network as the
victim to cause a denial of service, aka GHSL-2020-075. (CVE-2020-12867)