Bug 109997 - media-libs/giflib: buffer overflow / null pointer deref
Bug#: 109997 Product:  Gentoo Security Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: major Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: koon@gentoo.org
Component: Vulnerabilities
URL: 
Summary: media-libs/giflib: buffer overflow / null pointer deref
Keywords:  
Status Whiteboard: A2 [glsa]
Opened: 2005-10-21 01:17 0000
Description:   Opened: 2005-10-21 01:17 0000 
Chris Evans discovered that libungif 4.1.4 fixed potentially sensitive issues
that may be used to execute arbitrary code.

These issues were initially discovered by Daniel Eisenbud and silently fixed in
4.1.4.

------- Comment #1 From Thierry Carrez (RETIRED) 2005-10-21 01:20:57 0000 ------- 
Mamoru: this is a semi-public issue, could you silently add 4.1.4 to the tree
so
that we are ready to disclose it by the coordinated date (2005/10/28, 1400 UTC)

------- Comment #2 From SpanKY 2005-10-21 06:50:15 0000 ------- 
libungif is dead

only giflib should be updated and libungif should be masked

------- Comment #3 From Thierry Carrez (RETIRED) 2005-10-21 08:49:21 0000 ------- 
Release date is now set to 2005/11/03

------- Comment #4 From Thierry Carrez (RETIRED) 2005-10-28 00:37:51 0000 ------- 
CVE Ids :
CVE-2005-2974 libungif NULL pointer deref
CVE-2005-3350 libungif OOB access

usata/vapier: please bump

------- Comment #5 From SpanKY 2005-10-28 16:12:56 0000 ------- 
giflib-4.1.4 now in portage

------- Comment #6 From Thierry Carrez (RETIRED) 2005-10-29 02:29:55 0000 ------- 
Ccing security liaisons...
Please test and mark 4.1.4 stable, so that's the ebuild is ready at GLSA release
time.

------- Comment #7 From Michael Hanselmann (hansmi) (RETIRED) 2005-10-29 08:55:52 0000 ------- 
Stable on ppc and hppa.

------- Comment #8 From Bryan Østergaard (RETIRED) 2005-10-29 12:53:56 0000 ------- 
Stable on alpha.

------- Comment #9 From Simon Stelling (RETIRED) 2005-10-30 02:53:24 0000 ------- 
amd64 stable

------- Comment #10 From Gustavo Zacarias (RETIRED) 2005-10-31 07:21:27 0000 ------- 
sparc stable.

------- Comment #11 From Brent Baude 2005-10-31 07:45:23 0000 ------- 
Marked ppc64 stable (and urt)

------- Comment #12 From Thierry Carrez (RETIRED) 2005-11-03 02:53:58 0000 ------- 
Adding halcyon to handle x86 stable marking.

------- Comment #13 From Mark Loeser 2005-11-03 11:56:03 0000 ------- 
x86 stable

------- Comment #14 From Thierry Carrez (RETIRED) 2005-11-04 00:32:48 0000 ------- 
Embargo ended, ready to send.

------- Comment #15 From Thierry Carrez (RETIRED) 2005-11-04 00:44:26 0000 ------- 
mips should mark giflib-4.1.4 ~
ppc-macos should test and mark giflib-4.1.4 stable

------- Comment #16 From Thierry Carrez (RETIRED) 2005-11-04 00:45:05 0000 ------- 
Hm. in fact mips should even test and mark stable.

------- Comment #17 From Fabian Groffen 2005-11-04 02:39:30 0000 ------- 
I had to stable the follow packages to stable giflib-4.1.4:
urt-3.1b-r1
ghostscript-7.07.1-r10
media-fonts/gnu-gs-fonts-std-8.11

Note: I encountered bug #111455 but ignored it for now and stabled giflib.

------- Comment #18 From Thierry Carrez (RETIRED) 2005-11-04 04:34:10 0000 ------- 
GLSA 200511-03
mips should mark stable to benefit from GLSA

------- Comment #19 From Hardave Riar (RETIRED) 2005-11-20 02:14:59 0000 ------- 
Stable on mips.