Bug#1067896: FW: CVE-2024-57823 fix and test in raptor2 in Version: 2.0.15-4

2025-06-10 Thread Salvatore Bonaccorso
Hi,

On Tue, Jun 10, 2025 at 08:04:05AM +, Fu, Rong (CN) wrote:
> Dear Salvatore
>
> I noticed that Bug #1067896 has been closed, but I would like to propose
> additional information regarding backporting the fix to bookworm.
> The latest version has already fixed.
>

Bug#1067896:

2025-01-20 Thread Alex Pyrgiotis
I see that the severity of this issue has been lowered from important to normal, and that the assessment in the Debian Security tracker reads:

[bookworm] - raptor2 (Minor issue, revisit when fixed upstream)

At the same time, I see that LibreOffice has patched its vendored raptor library [1

Bug#1067896: Update

2024-12-27 Thread Pedro Ribeiro
In the first message there is a typo on the PoC for vulnerability #2. Where it reads:

### 2.1 Steps to reproduce

`rapper -i turtle heap_read_overflow.poc`

Contents of `heap_read_overflow.poc`:

```
_:/exaple/o
```

It should read:

### 2.1 Steps to reproduce

`rapper -i nquads heap_read_overf

Bug#1067896: Acknowledgement (libraptor2-0: memcpy integer underflow and heap read overflow)

2024-03-28 Thread Pedro Ribeiro
I rewrote a bit of the first issue to better understand it, and also provide a patch: ## 1. Integer Underflow in `raptor_uri_normalize_path()` There's an integer underflow in a path length calculation in `raptor_uri_normalize_path()`. This can be triggered by running the PoC below: ``` util

Bug#1067896: libraptor2-0: memcpy integer underflow and heap read overflow

2024-03-28 Thread Pedro Ribeiro
Package: libraptor2-0
X-Debbugs-Cc: ped...@gmail.com, Debian Security Team
Version: 2.0.15-4
Severity: grave
Justification: user security hole
Tags: patch upstream security

Hi,

Following on Hanno Bock's footsteps [1], I decided to fuzz libraptor2 [2][3] and after a few days found a couple of