CVE-2017-16663 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-16663): In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * height" multiplications occur unsafely.
@Maintainers keep in mind bug 631636, after the bump please call for stabilization when ready. Thank you
Upstream Patch: https://github.com/pts/sam2p/commit/b3dd8209cc98673d682e82971bf822568f8efa27 Gentoo Security Padawan (jmbailey/mbailey_j)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=173810552f074b83f9d0bdee1e50e5691904b9d9 commit 173810552f074b83f9d0bdee1e50e5691904b9d9 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-10-04 17:09:13 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2020-10-04 17:09:13 +0000 media-gfx/sam2p: Security bump Bug: https://bugs.gentoo.org/631636 Bug: https://bugs.gentoo.org/636876 Bug: https://bugs.gentoo.org/649750 Package-Manager: Portage-2.3.101, Repoman-2.3.22 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/16286 Signed-off-by: David Seifert <soap@gentoo.org> media-gfx/sam2p/Manifest | 1 + media-gfx/sam2p/files/sam2p-configure-strip.patch | 30 +++++++++++ media-gfx/sam2p/sam2p-0.49.4_p20190718.ebuild | 62 +++++++++++++++++++++++ 3 files changed, 93 insertions(+)
Unable to check for sanity: > no match for package: media-gfx/sam2p-0.49.4_p20190718
arm done
sparc done
tatt looks good for amd64. USE tests started on Mon Oct 12 23:04:37 CDT 2020 FEATURES=' test' USE='' succeeded for =media-gfx/sam2p-0.49.4_p20190718-r1 USE='-examples -gif' succeeded for =media-gfx/sam2p-0.49.4_p20190718-r1 USE='examples -gif' succeeded for =media-gfx/sam2p-0.49.4_p20190718-r1 USE='-examples gif' succeeded for =media-gfx/sam2p-0.49.4_p20190718-r1 USE='examples gif' succeeded for =media-gfx/sam2p-0.49.4_p20190718-r1 revdep tests started on Mon Oct 12 23:10:33 CDT 2020 FEATURES=' test' USE='' succeeded for app-text/texlive
amd64 stable
ppc stable
ppc64 stable
x86 stable
hppa stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6eb198608ec3087deffd074ab6a8be044165051a commit 6eb198608ec3087deffd074ab6a8be044165051a Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-10-16 01:12:57 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-11-11 00:25:33 +0000 media-gfx/sam2p: drop 0.49.3 (security) Bug: https://bugs.gentoo.org/636876 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/17945 Signed-off-by: Sam James <sam@gentoo.org> media-gfx/sam2p/Manifest | 1 - .../sam2p/files/sam2p-0.49.3-build-fixes.patch | 160 --------------------- media-gfx/sam2p/files/sam2p-0.49.3-perl526.patch | 23 --- media-gfx/sam2p/sam2p-0.49.3.ebuild | 47 ------ 4 files changed, 231 deletions(-)