Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 202350 - media-libs/libexif < 0.6.16-r1 Multiple vulnerabilities (CVE-2007-{6351,6352})
Summary: media-libs/libexif < 0.6.16-r1 Multiple vulnerabilities (CVE-2007-{6351,6352})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major
Assignee: Gentoo Security
URL: http://dev.robotbattle.com/mantis/vie...
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2007-12-15 00:21 UTC by Robert Buchholz (RETIRED)
Modified: 2020-04-04 10:13 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
libexif-CVE-2007-6351.patch (libexif-CVE-2007-6351.patch,405 bytes, patch)
2007-12-15 00:23 UTC, Robert Buchholz (RETIRED)
no flags Details | Diff
libexif-CVE-2007-6352.patch (libexif-CVE-2007-6352.patch,691 bytes, patch)
2007-12-15 00:23 UTC, Robert Buchholz (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2007-12-15 00:21:57 UTC
Meder Kydyraliev (Google Security) reported two issues in libexif:

CVE-2007-6351:
  Infinite recursion leading to a DoS.

CVE-2007-6352:
  Integer overflow when calculating memory boundaries.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-12-15 00:22:37 UTC
eradicator, i'll attach upstream committed patches in a second. Please advise.
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2007-12-15 00:23:03 UTC
Created attachment 138525 [details, diff]
libexif-CVE-2007-6351.patch
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2007-12-15 00:23:25 UTC
Created attachment 138526 [details, diff]
libexif-CVE-2007-6352.patch
Comment 4 Jeremy Huddleston (RETIRED) gentoo-dev 2007-12-18 17:46:55 UTC
In portage.

Targeted keywords:
alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sh sparc x86
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2007-12-18 20:06:13 UTC
Arches, please test and mark stable media-libs/libexif-0.6.16-r1.


Comment 6 Ferris McCormick (RETIRED) gentoo-dev 2007-12-18 20:21:10 UTC
Stable for sparc, all tests pass as expected.
Comment 7 Jonas Pedersen 2007-12-18 21:07:47 UTC
media-libs/libexif-0.6.16-r1  USE="nls -doc"

1. Emerges on AMD64. 
2. No collisions and passes test. 
3. Works - gimp depends on it and is still working. 

Please mark stable on AMD64. 

Portage 2.1.3.19 (default-linux/amd64/2007.0/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.23-gentoo-r3 x86_64)
=================================================================
System uname: 2.6.23-gentoo-r3 x86_64 Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
Timestamp of tree: Sat, 15 Dec 2007 22:46:01 +0000
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
ccache version 2.4 [enabled]
app-shells/bash:     3.2_p17
dev-java/java-config: 1.3.7, 2.0.33-r1
dev-lang/python:     2.4.4-r6
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 1.12.9-r2
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.3.16
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.22-r2
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -Os -msse3 -pipe -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=nocona -Os -msse3 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="ccache collision-protect distcc distlocks metadata-transfer multilib-strict parallel-fetch sandbox sfperms strict test unmerge-orphans userfetch"
GENTOO_MIRRORS="http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ http://trumpetti.atm.tut.fi/gentoo/ http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://ds.thn.htu.se/linux/gentoo"
LC_ALL="en_DK.utf8"
MAKEOPTS="-j6"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/php-testing /usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X a52 aac acl acpi aiglx alsa amd64 apache2 arts atk berkdb bitmap-fonts cairo cdr cli cracklib crypt cups dbus dga directfb dri dts dvd dvdr dvdread eds emboss encode evo fam fbcn ffmpeg firefox fortran ftp gd gdbm gif gphoto2 gpm gstreamer gtk hal iconv icq ieee1394 ipv6 isdnlog java jpeg kde kerberos live lm_sensors mad midi mikmod mjpeg mmx mozilla mp2 mp3 mpeg mplayer msn mudflap ncurses nls nptl nptlonly ogg oggvorbis opengl openmp pam pcre pda pdf perl png ppds pppd python qt qt3 qt3support qt4 quicktime readline reflection samba sdl session spell spl sse sse2 sse3 ssl svg tcpd test threads tiff truetype truetype-fonts type1-fonts unicode vorbis x264 xcomposite xml xorg xscreensaver xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="radeon"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2007-12-18 21:14:36 UTC
Stable for HPPA.
Comment 9 Brent Baude (RETIRED) gentoo-dev 2007-12-18 22:39:12 UTC
ppc and ppc64 done
Comment 10 Peter Weller (RETIRED) gentoo-dev 2007-12-19 15:33:19 UTC
amd64 done, thanks Jonas
Comment 11 Raúl Porcel (RETIRED) gentoo-dev 2007-12-19 16:23:11 UTC
alpha/ia64/sparc stable
Comment 12 Tobias Heinlein (RETIRED) gentoo-dev 2007-12-21 23:07:44 UTC
All arches done, GLSA request filed.
Comment 13 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-12-29 13:20:32 UTC
GLSA 200712-15