- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3495-2                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien Roucariès
August 10, 2023                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : php-dompdf
Version        : 0.6.2+dfsg-3+deb10u2
CVE ID         : CVE-2021-3838

Ubuntu security team noted after extensive testing that DLA-3495-1
was incomplete as one PoC for CVE-2022-2400 (particularly the
chroot escape) was still working on the patched version of
the package.

Further analysis of the upstream patch and  DLA-3495-1 version
helped to identify that the vulnerability was still present due to
DLA 3495-1 not including commit 7adf00f9, which added chroot checks
to one of the code path.

Special thanks to Camila Camargo de Matos of Ubuntu security team.

For Debian 10 buster, this problem has been fixed in version
0.6.2+dfsg-3+deb10u2.

We recommend that you upgrade your php-dompdf packages.

For the detailed security status of php-dompdf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/php-dompdf

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS