CVE-2017-18238 (https://nvd.nist.gov/vuln/detail/CVE-2017-18238): An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
CVE-2017-18237 (https://nvd.nist.gov/vuln/detail/CVE-2017-18237): An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted .ps file.
CVE-2017-18236 (https://nvd.nist.gov/vuln/detail/CVE-2017-18236): An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.
CVE-2017-18235 (https://nvd.nist.gov/vuln/detail/CVE-2017-18235): An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted .webp file.
CVE-2017-18234 (https://nvd.nist.gov/vuln/detail/CVE-2017-18234): An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp.
CVE-2017-18233 (https://nvd.nist.gov/vuln/detail/CVE-2017-18233): An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
All referenced CVE as shipped in 2.4.5 after tracking references between NVD, upstream bugzilla and git.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b566633d73ffee4a83dd4ed6cf2c411a297b3763
commit b566633d73ffee4a83dd4ed6cf2c411a297b3763
Author: Gilles Dartiguelongue <eva@gentoo.org>
AuthorDate: 2018-03-25 21:21:23 +0000
Commit: Gilles Dartiguelongue <eva@gentoo.org>
CommitDate: 2018-03-25 21:32:58 +0000
    media-libs/exempi: version bump to 2.4.5 fixing multiple security issues
    Bug: https://bugs.gentoo.org/649950
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
 media-libs/exempi/Manifest | 1 +
 media-libs/exempi/exempi-2.4.5.ebuild | 52 +++++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+)
@maintainer(s), please call for stable when ready.
ia64 stable
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a2f56b3cd43cccaa391bd1cb14ed63e332f9783
commit 3a2f56b3cd43cccaa391bd1cb14ed63e332f9783
Author: Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-03-29 01:47:17 +0000
Commit: Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-03-29 01:47:17 +0000
    media-libs/exempi: amd64 stable
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.26, Repoman-2.3.7
 media-libs/exempi/exempi-2.4.5.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
x86 stable
Stable on alpha.
ppc stable
ppc64 stable
arm stable
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5bf9aef2430d9e45ba04da79933eacf36088646f
commit 5bf9aef2430d9e45ba04da79933eacf36088646f
Author: Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-04-16 16:49:57 +0000
Commit: Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-16 18:35:29 +0000
    media-libs/exempi: stable 2.4.5 for sparc
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
    RepoMan-Options: --include-arches="sparc"
 media-libs/exempi/exempi-2.4.5.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
hppa stable
GLSA Vote: No
@maintainer(s), please drop the vulnerable.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6fb773267d167d1914e2260c25ef225c4019f832
commit 6fb773267d167d1914e2260c25ef225c4019f832
Author: Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-05-14 23:10:13 +0000
Commit: Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-05-15 00:21:28 +0000
    media-libs/exempi: drop vulnerable
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.36, Repoman-2.3.9
    Closes: https://github.com/gentoo/gentoo/pull/8408
 media-libs/exempi/Manifest | 2 --
 media-libs/exempi/exempi-2.2.1.ebuild | 48 --------------------------------
 media-libs/exempi/exempi-2.4.2.ebuild | 52 -----------------------------------
 3 files changed, 102 deletions(-)