Summary: | <media-libs/jasper-1.900.1-r4: JPEG2000 File Processing vulnerabilities CVE-2011-{4516,4517} | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Harrison <n0idx80> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | phosphan, sci |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/47175/ | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Michael Harrison
2011-12-15 23:35:31 UTC
Michael, thanks for the bug. Please include all herds and maintainers (from the package metadata) in CC. Also, please do not include version information in the Summary until we know what version is fixed in Gentoo. Thanks!

Is there a possible fix available?

Would this be a valid fix? http://pkgs.fedoraproject.org/gitweb/?p=jasper.git;a=blob;f=jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch;h=f753080a3af4375a33650495a15df1b3d5659ab1;hb=c73923e32e029920bdf9deb0719dd180e3942b93

(In reply to comment #3)
> Would this be a valid fix?

It looks like it, yeah.

Looks ok, -r4 in CVS. Could the arch teams make it stable soon, please?

(In reply to comment #5)
> Could the arch teams make it stable soon, please?

done, amd64/x86 stable

Arches, please test and mark stable:
=media-libs/jasper-1.900.1-r4
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Already stable : "amd64 x86"
Missing keywords: "alpha arm hppa ia64 ppc ppc64 s390 sh sparc"

alpha/arm/ia64/s390/sh/sparc stable

Stable for HPPA.

CVE-2011-4517 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4517): The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a malformed JPEG2000 file.

CVE-2011-4516 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4516): Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a JPEG2000 file.

ppc/ppc64 done

Thanks, everyone. GLSA request filed.

This issue was resolved and addressed in GLSA 201201-10 at http://security.gentoo.org/glsa/glsa-201201-10.xml by GLSA coordinator Sean Amoss (ackle).