CVE-2019-20200

Name	CVE-2019-20200
Description	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severity	medium
Debian Bugs	989360, 989361, 989363, 989364

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
mapcache (PTS)	stretch	1.4.1-3	vulnerable
	buster	1.6.1-3	vulnerable
	bullseye, sid	1.10.0-2	vulnerable
netcdf (PTS)	stretch	1:4.4.1.1-2	fixed
	buster	1:4.6.2-1	vulnerable
	bullseye, sid	1:4.7.4-1	vulnerable
netcdf-parallel (PTS)	buster	1:4.6.2-1	vulnerable
	bullseye, sid	1:4.7.4-1	vulnerable
scilab (PTS)	stretch	5.5.2-4	vulnerable
	stretch (security)	5.5.2-4+deb9u1	vulnerable
	buster	6.0.1-10+deb10u1	vulnerable
	bullseye, sid	6.1.0+dfsg1-7	vulnerable

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Debian Bugs
mapcache	source	(unstable)	(unfixed)	989363
netcdf	source	stretch	(not affected)
netcdf	source	(unstable)	(unfixed)	989360
netcdf-parallel	source	(unstable)	(unfixed)	989361
scilab	source	(unstable)	(unfixed)	989364

Notes

[bullseye] - mapcache <no-dsa> (Minor issue)
[buster] - mapcache <no-dsa> (Minor issue)
[stretch] - mapcache <no-dsa> (Minor issue)
[bullseye] - scilab <no-dsa> (Minor issue)
[buster] - scilab <no-dsa> (Minor issue)
[stretch] - scilab <no-dsa> (Minor issue)
[bullseye] - netcdf <no-dsa> (Minor issue)
[buster] - netcdf <no-dsa> (Minor issue)
[stretch] - netcdf <not-affected> (vulnerable code not present)
[bullseye] - netcdf-parallel <no-dsa> (Minor issue)
[buster] - netcdf-parallel <no-dsa> (Minor issue)
https://sourceforge.net/p/ezxml/bugs/19/