Summary: | <media-libs/tiff-4.0.9-r2: Heap-based buffer overflow in t2p_write_pdf function | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940 | ||
See Also: |
https://bugzilla.redhat.com/show_bug.cgi?id=1469725 http://bugzilla.maptools.org/show_bug.cgi?id=2704 https://github.com/gentoo/gentoo/pull/7204 |
||
Whiteboard: | A4 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-07-12 14:51:42 UTC
upstream fix is here: https://gitlab.com/libtiff/libtiff/commit/3dd8f6a357981a4090f126ab9025056c938b6940 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb1365ccd7332af4595538bc6b2244058db7b79b commit eb1365ccd7332af4595538bc6b2244058db7b79b Author: Mike Frysinger <vapier@gentoo.org> AuthorDate: 2018-01-26 03:54:26 +0000 Commit: Mike Frysinger <vapier@gentoo.org> CommitDate: 2018-01-26 22:25:18 +0000 media-libs/tiff: add upstream fix for CVE-2017-9935 #624696 Also drop some pdfium patches that they dropped when moving to 4.0.8. Bug: https://bugs.gentoo.org/624696 .../tiff/files/tiff-4.0.9-CVE-2017-9935.patch | 153 +++++++++++++++++++++ media-libs/tiff/tiff-4.0.9-r1.ebuild | 79 +++++++++++ 2 files changed, 232 insertions(+)} AFAIK this is only partly the fix. Upstream https://gitlab.com/libtiff/libtiff/commit/d4f213636b6f950498a1386083199bd7f65676b9 is also needed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88961c859ba1efbe6e3555246444dc0456bddcb8 commit 88961c859ba1efbe6e3555246444dc0456bddcb8 Author: Michael Vetter <jubalh@iodoru.org> AuthorDate: 2018-02-16 15:04:47 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2018-02-16 15:21:33 +0000 media-libs/tiff: Patch to fix type (CVE-2017-9935) CVE-2017-9935 has a second commit with ID d4f213636b6f950498a1386083199bd7f65676b9 to fix the type of the table. Bug: https://bugs.gentoo.org/624696 Package-Manager: Portage-2.3.19, Repoman-2.3.6 Closes: https://github.com/gentoo/gentoo/pull/7204 ...ff-4.0.9-CVE-2017-9935-fix-incorrect-type.patch | 58 ++++++++++++++++ media-libs/tiff/tiff-4.0.9-r2.ebuild | 80 ++++++++++++++++++++++ 2 files changed, 138 insertions(+)} The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=37595745cfaca05f187eba0f3b9a392a79510393 commit 37595745cfaca05f187eba0f3b9a392a79510393 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2018-06-11 15:15:09 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2018-06-11 15:15:09 +0000 media-libs/tiff: drop vulnerable Bug: https://bugs.gentoo.org/624696 Package-Manager: Portage-2.3.40, Repoman-2.3.9 media-libs/tiff/Manifest | 1 - media-libs/tiff/tiff-4.0.8.ebuild | 80 ------------------------------------ media-libs/tiff/tiff-4.0.9-r1.ebuild | 75 --------------------------------- media-libs/tiff/tiff-4.0.9-r2.ebuild | 79 ----------------------------------- 4 files changed, 235 deletions(-) Downgraded. GLSA Vote: No Tree is clean |