
Bug 316699 (CVE-2010-0991)

Summary: =media-libs/imlib2-1.4.3: IMAGE_DIMENSIONS_OK heap-based buffer overflows (CVE-2010-0991)
Product: Gentoo Security
Reporter: Alex Legler (RETIRED) <a3li>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~2 [noglsa]
Package list:
Runtime testing required: ---
Bug Depends on: 318761    
Bug Blocks:    

Description Alex Legler (RETIRED) archtester gentoo-dev Security 2010-04-22 17:32:15 UTC
CVE-2010-0991 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0991):
  Multiple heap-based buffer overflows in imlib2 1.4.3 allow
  context-dependent attackers to execute arbitrary code via a crafted
  (1) ARGB, (2) XPM, or (3) BMP file, related to the
  IMAGE_DIMENSIONS_OK macro in lib/image.h.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-04-22 17:47:02 UTC
According to Red Hat [1], only 1.4.3 is affected.
There is not yet an upstream release, only a fix in SVN. I think we can wait until that new release is out.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=584885
Comment 2 SpanKY gentoo-dev 2010-05-08 00:11:17 UTC
imlib2-1.4.4 is now in the tree
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2010-05-22 10:34:53 UTC
It would be nice to punt 1.4.3; this can be closed afterwards, as a vulnerable version was never stable.
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2011-01-02 19:50:36 UTC
(In reply to comment #3)
> It would be nice to punt 1.4.3; this can be closed afterwards, as a vulnerable
> version was never stable.

Vapier, is this possible? Thank you.
Comment 5 SpanKY gentoo-dev 2011-01-02 20:12:32 UTC
I've punted everything older than 1.4.4
Comment 6 Tim Sammut (RETIRED) gentoo-dev 2011-01-02 20:35:59 UTC
(In reply to comment #5)
> I've punted everything older than 1.4.4

Great, thank you. Closing noglsa.