Bug#: 217047
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Robert Buchholz <rbu@gentoo.org>

Attachments:
libpng-CVE-2007-6070.patch (patch, 7.63 KB), created by Robert Buchholz, 2008-04-09 19:22 0000
libpng-1.2.26-r1-CVE-2007-6070.tar.lzma (application/octet-stream, 2.48 KB), created by SpanKY, 2008-04-10 05:01 0000


Description:   Opened: 2008-04-09 19:20 0000
libpng does not correctly handle unknown zero-length chunks, which could
result in writing to attacker-controlled addresses, depending on how the
libpng API is used.

Vapier, this issue is under embargo until 2008-04-12. Do not commit anything to
CVS until this date. Please prepare an updated ebuild and attach it to this
bug, we will do prestable testing here. Thanks.

------- Comment #1 From Robert Buchholz 2008-04-09 19:22:08 0000 -------
Created an attachment (id=149228)
libpng-CVE-2007-6070.patch

Upstream patch.

------- Comment #2 From SpanKY 2008-04-10 05:01:47 0000 -------
Created an attachment (id=149262)
libpng-1.2.26-r1-CVE-2007-6070.tar.lzma

pretty straightforward ...

------- Comment #3 From Robert Buchholz 2008-04-10 09:09:27 0000 -------
Arch Security Liaisons, please test the attached ebuild and report it stable on
this bug.
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 release s390 sh
sparc x86"

CC'ing current Liaisons:
   alpha : ferdy
   amd64 : welp
    hppa : jer
     ppc : dertobi123
   ppc64 : corsair
 release : pva
   sparc : fmccor
     x86 : opfer

vapier, please note that CVE-2007-6070 has been dropped in favour of
CVE-2008-1382 for this issue.

------- Comment #4 From Ferris McCormick 2008-04-10 13:46:32 0000 -------
sparc looks good (patch installs, -r1 builds and passes its tests).

------- Comment #5 From Jeroen Roovers 2008-04-10 16:43:59 0000 -------
Works for HPPA.

------- Comment #6 From Raúl Porcel 2008-04-10 18:05:16 0000 -------
Looks okay on alpha/ia64/x86

------- Comment #7 From Markus Rothe 2008-04-10 18:15:16 0000 -------
looks good on ppc64

------- Comment #8 From Tobias Scherbaum 2008-04-10 18:53:42 0000 -------
looks good on ppc

------- Comment #9 From Markus Meier 2008-04-11 20:33:53 0000 -------
Looks good on amd64/x86

------- Comment #10 From Robert Buchholz 2008-04-14 01:36:03 0000 -------
vapier, can you please commit the ebuild to CVS with the keywords gathered in
this bug. Please rename the patch to reflect that CVE-2008-1382 should be used
for the issue.

------- Comment #11 From SpanKY 2008-04-14 03:04:18 0000 -------
added to the tree

------- Comment #12 From Matthias Geerdsen 2008-04-14 08:10:32 0000 -------
vapier, could you set the keywords as approved by arch liaisons in here, so
that the GLSA can go out as soon as it is approved

up to now the following arches gave their "looks good":
alpha amd64 hppa ia64 ppc ppc64 sparc x86

final target is:
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc
~sparc-fbsd x86 ~x86-fbsd"

so cc'ing remaining arches as well as release since there was no comment from
them yet

------- Comment #13 From Robert Buchholz 2008-04-15 01:19:46 0000 -------
(In reply to comment #12)
> vapier, could you set the keywords as approved by arch liaisons in here, so
> that the GLSA can go out as soon as it is approved

I marked stable for the keywords. base-system was not in CC on the bug anymore.

------- Comment #14 From Robert Buchholz 2008-04-15 03:01:52 0000 -------
GLSA 200804-15

------- Comment #15 From Peter Volkov 2008-04-21 07:57:08 0000 -------
Fixed in release snapshot.
