Summary: | <media-gfx/exiv2-0.26_p20171104: Segmentation fault in TiffImageEntry::doWriteImage function (CVE-2017-9239) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Volkan <vBugZilla> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | graphics+disabled |
Priority: | Normal | Flags: | stable-bot: sanity-check+ |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1455859 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | media-gfx/exiv2-0.26_p20171104 | ||
Runtime testing required: | --- |
Description
Volkan
2017-06-06 14:21:41 UTC
CVE-2017-9239 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9239): An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file.

Our version in repository _is_ affected.

Upstream patch: https://github.com/Exiv2/exiv2/commit/2f8681e120d277e418941c4361c83b5028f67fd8

Working on it, but build system needs battering into shape once more...

exiv-0.26 is now in tree, masked, with CVE-2017-9239 addressed, git commit 30f7dfcd4f9710d6f01ec079cb9ed71424347e5b

media-gfx/exiv2-0.26 is unmasked in tree since June 7th, bug 621242 was just fixed. Feel free to stabilise as you see fit.

An automated check of this bug failed - the following atom is unknown: media-gfx/exiv2-0.26_p20171018

Please verify the atom list.

An automated check of this bug succeeded - the previous repoman errors are now resolved.

x86 stable

ia64 stable

amd64 stable

Stable on alpha.

ppc64 stable

ppc stable

hppa stable

arm stable, all arches done.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cdb23e8b3608be50daebdeb5d904b179a58d8339

commit cdb23e8b3608be50daebdeb5d904b179a58d8339
Author: Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2017-11-19 15:23:00 +0000
Commit: Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2017-11-19 15:23:34 +0000

    media-gfx/exiv2: Security cleanup

    Bug: https://bugs.gentoo.org/621028
    Package-Manager: Portage-2.3.14, Repoman-2.3.6

 media-gfx/exiv2/Manifest | 1 -
 media-gfx/exiv2/exiv2-0.25-r2.ebuild | 127 ---------------------
 media-gfx/exiv2/files/exiv2-0.25-fix-docs.patch | 71 ------------
 .../exiv2/files/exiv2-0.25-fix-install-dirs.patch | 64 -----------
 .../exiv2/files/exiv2-0.25-fix-without-zlib.patch | 22 ----
 .../files/exiv2-0.25-fvisibility-hidden.patch | 19 ---
 .../exiv2/files/exiv2-0.25-hide-symbols.patch | 97 ----------------
 .../exiv2/files/exiv2-0.25-tools-optional.patch | 27 -----
 8 files changed, 428 deletions(-)}

Cleanup done in git commit cdb23e8b3608be50daebdeb5d904b179a58d8339

commit 319d04a82b6c0c436aa3deee70ea8052ab1a6ba2
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Wed Feb 21 08:55:37 2018 +0100

    media-gfx/exiv2: stable 0.26_p20171104 for sparc, bug #621028