Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 690732 (CVE-2019-7663) - <media-libs/tiff-4.0.10-r1: Multiple vulnerabilities
Summary: <media-libs/tiff-4.0.10-r1: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2019-7663
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://bugzilla.maptools.org/show_bug...
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on: CVE-2019-14973
Blocks:
  Show dependency tree
 
Reported: 2019-07-25 21:17 UTC by Benjamin Gordon
Modified: 2020-03-15 15:11 UTC (History)
0 users

See Also:
Package list:
media-libs/tiff-4.0.10-r1
Runtime testing required: Yes
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Benjamin Gordon 2019-07-25 21:17:28 UTC
CVE-2018-17000, CVE-2019-6128, and CVE-2019-7663 appear to affect the current 4.0.10 tiff ebuild.  https://github.com/gentoo/gentoo/pull/11743 looks like it has fixes for the first two.  I'll send a PR with the upstream patches for the third one shortly.

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2019-08-05 00:12:12 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1408d12740a4cd2a6d71fe5f52386d9d77128645

commit 1408d12740a4cd2a6d71fe5f52386d9d77128645
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2019-08-05 00:03:19 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2019-08-05 00:12:00 +0000

    media-libs/tiff: revbump to address open security bugs
    
    * This commit addresses 3 outstanding security issues reported by the
    individuals listed below.
    
    * This commit involved cherry-picking the patches and adding a revbump as
    the original PR's renamed the original ebuild and kept stable keywords.
    
    Bug: https://bugs.gentoo.org/639700
    Bug: https://bugs.gentoo.org/690732
    
    Closes: https://github.com/gentoo/gentoo/pull/12543
    Closes: https://github.com/gentoo/gentoo/pull/11743
    
    Reported-by: Benjamin Gordon <bmgordon@chromium.org>
    Reported-by: Allen Webb <allenwebb@google.com>
    Signed-off-by: Aaron Bauman <bman@gentoo.org>

 ...-2018-17000-tif_dirwrite-null-dereference.patch | 33 +++++++++
 .../tiff-4.0.10-CVE-2019-6128-pal2rgb-leak.patch   | 48 ++++++++++++
 ....0.10-CVE-2019-7663-tiffcpIntegerOverflow.patch | 73 ++++++++++++++++++
 media-libs/tiff/tiff-4.0.10-r1.ebuild              | 86 ++++++++++++++++++++++
 4 files changed, 240 insertions(+)
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2019-08-05 21:27:46 UTC
arm64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2019-08-06 07:22:19 UTC
s390 stable
Comment 4 Agostino Sarubbo gentoo-dev 2019-08-06 07:52:15 UTC
ppc64 stable
Comment 5 Rolf Eike Beer archtester 2019-08-06 07:58:24 UTC
sparc stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-08-06 08:02:02 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-08-06 09:40:10 UTC
amd64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2019-08-06 09:42:36 UTC
x86 stable
Comment 9 Agostino Sarubbo gentoo-dev 2019-08-06 09:52:34 UTC
alpha stable
Comment 10 Agostino Sarubbo gentoo-dev 2019-08-06 11:44:19 UTC
ia64 stable
Comment 11 Rolf Eike Beer archtester 2019-08-09 17:34:34 UTC
hppa stable
Comment 12 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-15 14:57:13 UTC
Added to an existing GLSA.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2020-03-15 15:11:56 UTC
This issue was resolved and addressed in
 GLSA 202003-25 at https://security.gentoo.org/glsa/202003-25
by GLSA coordinator Thomas Deutschmann (whissi).