Summary: | <media-gfx/exiv2-0.26_p20171104: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Aleksandr Wagner (Kivak) <alwag> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/Exiv2/exiv2/issues/73 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 628264, 628396, 635220 |
Description
Aleksandr Wagner (Kivak)
2017-09-28 13:43:40 UTC
CVE-2017-14858 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14858): There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack. References: https://bugzilla.redhat.com/show_bug.cgi?id=1494782 CVE-2017-14857 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14857) In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack. References: https://bugzilla.redhat.com/show_bug.cgi?id=1495043 At least part of these CVEs is fixed in snapshot 0.26_p20171013. Current snapshot media-gfx/exiv2-0.26_p20171018 should be unaffected. (In reply to Andreas Sturmlechner from comment #3) > Current snapshot media-gfx/exiv2-0.26_p20171018 should be unaffected. Thank you Andreas, could you please call for stabilization here when ready? Cleanup done in git commit cdb23e8b3608be50daebdeb5d904b179a58d8339 |