| Name | CVE-2019-11459 |
| Description | The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-1881-1, DLA-1882-1, DSA-4624-1 |
| Debian Bugs | 927820, 927821 |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| atril (PTS) | bullseye (security), bullseye | 1.24.0-1+deb11u1 | fixed |
| bookworm, bookworm (security) | 1.26.0-2+deb12u3 | fixed | |
| trixie | 1.26.2-4 | fixed | |
| forky, sid | 1.26.2-5 | fixed | |
| evince (PTS) | bullseye | 3.38.2-1 | fixed |
| bookworm | 43.1-2 | fixed | |
| trixie | 48.1-3 | fixed | |
| forky, sid | 48.1-4 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| atril | source | jessie | 1.8.1+dfsg1-4+deb8u2 | DLA-1882-1 | ||
| atril | source | stretch | 1.16.1-2+deb9u2 | |||
| atril | source | buster | 1.20.3-1+deb10u1 | |||
| atril | source | (unstable) | 1.22.3-1 | unimportant | 927821 | |
| evince | source | jessie | 3.14.1-2+deb8u3 | DLA-1881-1 | ||
| evince | source | stretch | 3.22.1-3+deb9u2 | DSA-4624-1 | ||
| evince | source | buster | 3.30.2-3+deb10u1 | |||
| evince | source | (unstable) | 3.32.0-3 | unimportant | 927820 |
https://gitlab.gnome.org/GNOME/evince/issues/1129
Fixed by: https://gitlab.gnome.org/GNOME/evince/commit/3e38d5ad724a042eebadcba8c2d57b0f48b7a8c7
Negligible security impact