Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 639062 (CVE-2017-16612) - <x11-libs/libXcursor-1.1.15: Heap overflows when parsing malicious files
Summary: <x11-libs/libXcursor-1.1.15: Heap overflows when parsing malicious files
Status: RESOLVED FIXED
Alias: CVE-2017-16612
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://marc.info/?l=freedesktop-xorg...
Whiteboard: A3 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-11-28 15:59 UTC by Ian Zimmerman
Modified: 2018-01-07 23:28 UTC (History)
1 user (show)

See Also:
Package list:
=x11-libs/libXcursor-1.1.15
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ian Zimmerman 2017-11-28 15:59:53 UTC 
According to a posting on oss-security [1]:

X.Org has just release libXcursor version 1.1.15 which contains the
following security fix:

Author:     Tobias Stoeckmann <tobias@stoeckmann.org>
AuthorDate: Sat Oct 21 23:47:52 2017 +0200
Commit:     Matthieu Herrb <matthieu@herrb.eu>
CommitDate: Sat Nov 25 11:52:34 2017 +0100

    Fix heap overflows when parsing malicious files. (CVE-2017-16612)

    It is possible to trigger heap overflows due to an integer overflow
    while parsing images and a signedness issue while parsing comments.

[1]
http://openwall.com/lists/oss-security/2017/11/28/6
Comment 1 D'juan McDonald (domhnall) 2017-11-28 21:07:24 UTC 
Thanks for the report Ian.

@maintainter(s): after bump, please call for stabilization when ready, thank you.

Gentoo Security Padawan
(jmbailey/mbailey_j)
Comment 2 Matt Turner gentoo-dev 2017-11-29 01:41:52 UTC 
Now in tree. Please proceed with stabilization.
Comment 3 Agostino Sarubbo gentoo-dev 2017-11-29 11:19:44 UTC 
amd64 stable
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2017-11-29 18:54:43 UTC 
x86 stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2017-11-29 20:31:44 UTC 
sparc stable (thanks to Rolf Eike Beer)
Comment 6 Tobias Klausmann (RETIRED) gentoo-dev 2017-11-30 20:22:03 UTC 
Stable on alpha.
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2017-12-01 07:35:42 UTC 
hppa/ia64/ppc/ppc64 stable
Comment 8 Markus Meier gentoo-dev 2017-12-13 21:05:58 UTC 
arm stable, all arches done.
Comment 9 D'juan McDonald (domhnall) 2018-01-05 03:18:42 UTC 
Thank you A/Ts, maintainter(s), please cleanup. 


Gentoo Security Padawan
(Jmbailey/mbailey_j)
Comment 10 Larry the Git Cow gentoo-dev 2018-01-05 18:50:38 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=301bb79cee5d82e534147d942089cabaf940a3d8

commit 301bb79cee5d82e534147d942089cabaf940a3d8
Author:     Matt Turner <mattst88@gentoo.org>
AuthorDate: 2018-01-05 18:50:13 +0000
Commit:     Matt Turner <mattst88@gentoo.org>
CommitDate: 2018-01-05 18:50:29 +0000

    x11-libs/libXcursor: Drop vulnerable version
    
    Bug: https://bugs.gentoo.org/639062

 x11-libs/libXcursor/Manifest                 |  1 -
 x11-libs/libXcursor/libXcursor-1.1.14.ebuild | 22 ----------------------
 2 files changed, 23 deletions(-)}
Comment 11 Thomas Deutschmann (RETIRED) gentoo-dev 2018-01-06 01:52:05 UTC 
New GLSA request filed.
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2018-01-07 23:28:20 UTC 
This issue was resolved and addressed in
 GLSA 201801-04 at https://security.gentoo.org/glsa/201801-04
by GLSA coordinator Aaron Bauman (b-man).