| Summary: | <media-libs/libraw-0.17.1: input sanitization errors (CVE-2015-3885) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | graphics+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.openwall.com/lists/oss-security/2015/05/11/4 | ||
| Whiteboard: | B2 [glsa cve] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 567254 | ||
| Bug Blocks: | |||
This was fixed by upstream in v0.17.0. From http://www.libraw.org/news/libraw-0-17: > Dcraw 9.26 imported (but some changes not approved because Libraw do > it better) with some exceptions: First fixed version in Gentoo repository was v0.17.1. Stabilization happens in bug 567254. This was already released and GLSA amended. |
From ${URL} : #2015-006 dcraw input sanitization errors Description: The dcraw photo decoder is an open source project for raw image parsing. The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpeg_start() function. A maliciously crafted raw image file can be used to trigger the vulnerability, causing a Denial of Service condition. Affected version: dcraw >= 7.00 UFRaw >= 0.5 LibRaw <= 0.16.0, 0.17-Alpha2 RawTherapee >= 3.0 CxImage >= 6.00 Rawstudio >= 0.1 Kodi >= 10.0 ExactImage >= 0.1.0 Fixed version: dcraw, N/A UFRaw, N/A LibRaw >= 0.16.1, 0.17-Alpha3 RawTherapee, N/A CxImage, N/A Rawstudio, N/A Kodi, N/A ExactImage, N/A Credit: vulnerability report from Eduardo Castellanos <guayin [at] gmail [dot] com>. CVE: N/A Timeline: 2015-04-24: vulnerability report received 2015-04-27: contacted dcraw maintainer 2015-04-30: patch provided by maintainer 2015-05-04: reporter confirms patch 2015-05-11: contacted additional affected vendors 2015-05-11: advisory release References: https://github.com/LibRaw/LibRaw/commit/4606c28f494a750892c5c1ac7903e62dd1c6fdb5 https://github.com/rawstudio/rawstudio/commit/983bda1f0fa5fa86884381208274198a620f006e Permalink: http://www.ocert.org/advisories/ocert-2015-006.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.