Summary: | <app-forensics/sleuthkit-4.5.0: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | glsamaker, gokturk |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/sleuthkit/sleuthkit/issues/906 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=app-forensics/sleuthkit-4.5.0
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-08-30 07:59:07 UTC
CVE-2017-13756: In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. CVE-2017-13755: In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls. *** Bug 635232 has been marked as a duplicate of this bug. *** I confirm that the 4.4.2 in the tree is vulnerable to all three CVEs The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1029e7bca66676be009d086091823465f107bd2e commit 1029e7bca66676be009d086091823465f107bd2e Author: Göktürk Yüksek <gokturk@gentoo.org> AuthorDate: 2017-11-08 23:55:59 +0000 Commit: Göktürk Yüksek <gokturk@gentoo.org> CommitDate: 2017-11-08 23:55:59 +0000 app-forensics/sleuthkit: remove vulnerable version 4.4.2 #629352 This version is vulnerable to the following CVEs: CVE-2017-13755, CVE-2017-13756, CVE-2017-13760 Bug: https://bugs.gentoo.org/629352 Package-Manager: Portage-2.3.8, Repoman-2.3.2 app-forensics/sleuthkit/Manifest | 1 - app-forensics/sleuthkit/sleuthkit-4.4.2.ebuild | 175 ------------------------- 2 files changed, 176 deletions(-)} I've pushed sleuthkit-4.5.0 which fixes all the tree CVEs. (In reply to Göktürk Yüksek from comment #5) > I've pushed sleuthkit-4.5.0 which fixes all the tree CVEs. Thank you, could you please confirm if prior versions (especially 4.0.2) are vulnerable? if that's the case please call for stabilization when ready. If not please let us know to reassign whiteboard to reflect the real status. Thank you @maintainer(s), Please set your keywords, package list and cc arches to start stabilization. Thank you. Gentoo Security Padawan (jmbailey/mbailey_j) Arches, please proceed with the stabilization. @ChrisADR, I didn't see anything about prior versions in the CVEs. I'll more likely clean the prior versions after this stabilization. amd64 stable x86 stable ppc stable hppa stable GLSA Vote: No @maintainer, please clean the vulnerable versions. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=15edf362028940ec8457c508320f17dbc1ef6a8b commit 15edf362028940ec8457c508320f17dbc1ef6a8b Author: Göktürk Yüksek <gokturk@gentoo.org> AuthorDate: 2018-04-23 21:51:26 +0000 Commit: Göktürk Yüksek <gokturk@gentoo.org> CommitDate: 2018-04-23 21:52:05 +0000 app-forensics/sleuthkit: clean up old & vulnerable #629352 Bug: https://bugs.gentoo.org/629352 Package-Manager: Portage-2.3.27, Repoman-2.3.9 app-forensics/sleuthkit/Manifest | 4 -- .../files/sleuthkit-3.2.3-tools-shared-libs.patch | 55 ---------------------- .../files/sleuthkit-4.0.0-system-sqlite.patch | 34 ------------- .../files/sleuthkit-4.1.0-system-sqlite.patch | 34 ------------- app-forensics/sleuthkit/sleuthkit-4.0.2.ebuild | 39 --------------- app-forensics/sleuthkit/sleuthkit-4.1.0.ebuild | 38 --------------- app-forensics/sleuthkit/sleuthkit-4.1.2.ebuild | 38 --------------- app-forensics/sleuthkit/sleuthkit-4.1.3.ebuild | 38 --------------- 8 files changed, 280 deletions(-)} |