TITLE: KDE kdelibs PCX Image Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA14908
VERIFY ADVISORY: http://secunia.com/advisories/14908/
CRITICAL: Highly critical
IMPACT: System access
WHERE: From remote
SOFTWARE: KDE 3.x http://secunia.com/product/219/
DESCRIPTION: Bruno Rohee has reported a vulnerability in KDE kdelibs, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the kimgio component when processing PCX image files. This may be exploited via a specially crafted image file to execute arbitrary code via an application linked against the vulnerable library. The vulnerability has been reported in KDE 3.4.0. Other versions may also be affected.
SOLUTION: Do not open untrusted images in applications linked against the vulnerable library.
PROVIDED AND/OR DISCOVERED BY: Bruno Rohee
ORIGINAL ADVISORY:
KDE bug report: http://bugs.kde.org/show_bug.cgi?id=102328
SUSE advisory: http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html
kde please advise.
Created attachment 56163: xv.pdf (Bugtraq email by Bruno Rohee)
Once again this is a general media-gfx/xv issue. According to Dirk Mueller (kde.org) there are still issues neither covered by the bug report nor the Secunia/SUSE advisories.
Carlo: what does the kdelibs PCX loading thing have to do with XV vulnerabilities? Does it share the same code?
Turns out that it has nothing to do with the xv code, though the problem is similar.
kde will you wait for upstream to release a fixed version or patch the current ebuild?
Upstream will officially release a patch really soon.
It just looks like we don't get a patch for KDE 3.2.3. Does anyone volunteer?
Grabbed the 3.2 branch stuff, which seems to be fixed, patch in the works. Marcus: cc'ing you in advance, it doesn't harm if the patch is inspected by a few more than my two eyes.
Well, just did it. Herds: As this commit fixes Bug 81110, too, please take the chance and mark net-dns/libidn-0.5.13 stable before, if you haven't already.
<<< kdelibs-3.2.3-r8.ebuild
<<< kdelibs-3.2.3-r9.ebuild
Thanks.
You meant
<<< kdelibs-3.3.2-r8.ebuild
<<< kdelibs-3.2.3-r9.ebuild
right?
According to the Changelog it is both the 3.2.x and 3.3.x series:
kdelibs-3.2.3-r9
kdelibs-3.3.2-r8
Arches please test and mark stable.
Um, right. The ebuilds looked too similar. :|
Pylon already marked them stable. Removing ppc@g.o from CC.
sparc stable.
Stable on alpha and ia64.
stable on ppc64
GLSA 200504-22
hppa, mips: remember to mark stable to benefit from GLSA.
The issued patch broke reading of .rgb files (which were not supported by KDE 3.2), so
<<< files/digest-kdelibs-3.3.2-r9
Herds, please...
Stable on ppc.
stable on amd64
Stable on alpha + ia64.
Stable on hppa.
SPARC'd
Closing again. mips please remember to mark stable.
Stable on mips.