Bug 628644 (CVE-2017-13063, CVE-2017-13064, CVE-2017-13065)

Summary:

<media-gfx/graphicsmagick-1.3.27: multiple vulnerabilities (CVE-2017-{13063,13064,13065})

Product:

Gentoo Security

Reporter:

D'juan McDonald (domhnall) <flopwiki>

Component:

Vulnerabilities

Assignee:

Gentoo Security <security>

Status:

RESOLVED FIXED

Severity:

minor

CC:

graphics+disabled, sudormrfhalt

Priority:

Normal

Version:

unspecified

Hardware:

All

OS:

Linux

URL:

http://www.graphicsmagick.org/NEWS.html#july-4-2017

Whiteboard:

B3 [noglsa cve]

Package list:

Runtime testing required:

---

Attachments:

Description	Flags
CVE-2017-13063.patch + CVE-2017-13064.patch	none

Description D'juan McDonald (domhnall) 2017-08-22 19:29:01 UTC

(CVE-2017-13063)
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13063

(CVE-2017-13064)
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13064



(CVE-2017-13065)
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13065

Comment 1 D'juan McDonald (domhnall) 2017-08-23 00:09:12 UTC

Upstream Patch: http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a

@maintainer(s), please test and follow procedure to close report, thank you.

Daj'Uan (mbailey_j)
Gentoo Security Scout

Comment 2 Andrey Ovcharov 2017-08-25 23:28:18 UTC

Created attachment 490606 [details, diff]
CVE-2017-13063.patch + CVE-2017-13064.patch

Comment 3 Aaron Bauman (RETIRED) gentoo-dev

2018-03-26 00:48:33 UTC

@maintainer(s), please clean the vulnerable version from the tree.

Comment 4 Aaron Bauman (RETIRED) gentoo-dev

2018-03-26 01:40:20 UTC

cleanup will be tracked in bug #640690

GLSA Vote: No