| Summary: | <media-gfx/gimp-2.6.12-r2: script-fu Buffer Overflow (CVE-2012-2763) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | the_eccentric |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | hanno, nikoli, sping |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html | | |
| Whiteboard: | B2 [glsa] | | |
| Package list: | | Runtime testing required: | --- |
Description
the_eccentric
2012-05-31 18:39:55 UTC
Hanno or Sebastian. Are one of the >=2.8 versions suitable to stabilize?

Not yet still waiting.

(In reply to comment #1)
> Hanno or Sebastian. Are one of the >=2.8 versions suitable to stabilize?

Hard to say. 2.8 if any but it hasn't been around long.

(In reply to comment #2)
> Not yet still waiting.

Waiting for what? Please elaborate.

Hanno or Sebastian, shall we stabilize 2.8.0-r1 now? thanks.

(In reply to comment #4)
> Hanno or Sebastian, shall we stabilize 2.8.0-r1 now? thanks.

It seems to be working fine, no bugs have been reported recently or at all (ignoring #414653 and #414853 for the moment). It still feels a bit early but I have no hard objections to it.

(In reply to comment #5)
> It still feels a bit early
> but I have no hard objections to it.

Yeah... How about this? If you see any issues between now and Friday, add them as blockers here, please. Otherwise we'll call arches on Friday.

(In reply to comment #6)
> Yeah... How about this? If you see any issues between now and Friday, add
> them as blockers here, please. Otherwise we'll call arches on Friday.

Sounds fair.

A build issue just came in, adding #422497.

Created attachment 317388 [details, diff]
CVE-2012-2763.diff
CVE-2012-2763.diff
Created attachment 317392 [details, diff]
CVE-2012-2763.diff
Working with upstream, we identified the code in 2.8 which fixes this buffer overflow vulnerability in the script-fu server.
The attached patch fixes the issue in gimp 2.6.x.
(In reply to comment #9)
> Created attachment 317392 [details, diff] [details, diff]
> CVE-2012-2763.diff
>
> Working with upstream, we identified the code in 2.8 which fixes this buffer
> overflow vulnerability in the script-fu server.
>
> The attached patch fixes the issue in gimp 2.6.x.

Thanks!

+*gimp-2.6.12-r2 (08 Jul 2012) + + 08 Jul 2012; Sebastian Pipping <sping@gentoo.org> +gimp-2.6.12-r2.ebuild, + +files/gimp-2.6.12-CVE-2012-2763.patch: + Add backport of patch to CVE-2012-2763 by mancha +

Commit mentioned in the patch: http://git.gnome.org/browse/gimp/commit/?id=76155d79df8d497d9a5994029247387e222da9e9

Great, thanks! Can we move to stabilize gimp-2.6.12-r2?

(In reply to comment #11)
> Great, thanks! Can we move to stabilize gimp-2.6.12-r2?

No objections from my side.

Great, thanks. Arches, please test and mark stable:
=media-gfx/gimp-2.6.12-r2
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"

x86 stable

amd64 stable

Stable for HPPA.

alpha/ia64/sparc stable

CVE-2012-2763 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2763): Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.

ppc done

ppc64 stable, last arch done

Thanks, everyone. This is already on a GLSA draft, ready for review.

This issue was resolved and addressed in GLSA 201209-23 at http://security.gentoo.org/glsa/glsa-201209-23.xml by GLSA coordinator Sean Amoss (ackle).
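An added illustration of the bug class named in the CVE-2012-2763 description above (a read-until-delimiter loop filling a fixed buffer), next to a bounded form. This is not GIMP's or tinyscheme's code and not the attached patch: `struct port`, `inchar`, `is_delim`, both `read_upto_*` functions and the 16-byte buffer size are assumptions made for this example.

```c
#include <stddef.h>
#include <string.h>

#define STRBUFF_SIZE 16  /* constructed size, kept small for the demonstration */

/* Hypothetical stand-in for the interpreter's input port. */
struct port { const char *cur; };

int inchar(struct port *pt) {
    return *pt->cur ? (unsigned char)*pt->cur++ : -1;  /* -1 at end of input */
}

int is_delim(const char *delims, int c) {
    return c == -1 || strchr(delims, c) != NULL;
}

/* Assumed shape of the defect: the loop stops only at a delimiter, so a token
 * longer than buf writes past its end. Shown for contrast; nothing calls it. */
size_t read_upto_unbounded(struct port *pt, const char *delims, char *buf) {
    char *p = buf;
    int c;
    while (!is_delim(delims, c = inchar(pt)))
        *p++ = (char)c;
    *p = '\0';
    return (size_t)(p - buf);
}

/* Bounded form: store at most cap-1 bytes, keep consuming up to the delimiter
 * so the stream stays in sync, and report truncation so the caller can reject
 * the command. Returns 0 on success, -1 if the token did not fit. */
int read_upto_bounded(struct port *pt, const char *delims, char *buf, size_t cap) {
    size_t n = 0;
    int c, truncated = 0;
    if (cap == 0) return -1;
    while (!is_delim(delims, c = inchar(pt))) {
        if (n + 1 < cap)
            buf[n++] = (char)c;
        else
            truncated = 1;
    }
    buf[n] = '\0';
    return truncated ? -1 : 0;
}

int main(void) {
    char buf[STRBUFF_SIZE];
    struct port pt = { "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA)" };  /* constructed overlong token */
    return read_upto_bounded(&pt, "()", buf, sizeof buf) == -1 ? 0 : 1;
}
```

The bounded reader consumes the delimiter itself; a caller that needs to see the delimiter would have to push it back.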