Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 650714

Summary: <media-libs/exempi-2.4.5: Multiple vulnerabilities
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: freedesktop-bugs
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/gentoo/gentoo/pull/8408
Whiteboard: B3 [noglsa cve]
Package list:
media-libs/exempi-2.4.5
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-03-17 13:25:02 UTC
CVE-2017-18238 (https://nvd.nist.gov/vuln/detail/CVE-2017-18238):
  An issue was discovered in Exempi before 2.4.4. The
  TradQT_Manager::ParseCachedBoxes function in
  XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers
  to cause a denial of service (infinite loop) via crafted XMP data in a .qt
  file.

CVE-2017-18237 (https://nvd.nist.gov/vuln/detail/CVE-2017-18237):
  An issue was discovered in Exempi before 2.4.3. The
  PostScript_Support::ConvertToDate function in
  XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers
  to cause a denial of service (invalid pointer dereference and application
  crash) via a crafted .ps file.

CVE-2017-18236 (https://nvd.nist.gov/vuln/detail/CVE-2017-18236):
  An issue was discovered in Exempi before 2.4.4. The
  ASF_Support::ReadHeaderObject function in
  XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to
  cause a denial of service (infinite loop) via a crafted .asf file.

CVE-2017-18235 (https://nvd.nist.gov/vuln/detail/CVE-2017-18235):
  An issue was discovered in Exempi before 2.4.3. The VPXChunk class in
  XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero
  widths and heights, which allows remote attackers to cause a denial of
  service (assertion failure and application exit) via a crafted .webp file.

CVE-2017-18234 (https://nvd.nist.gov/vuln/detail/CVE-2017-18234):
  An issue was discovered in Exempi before 2.4.3. It allows remote attackers
  to cause a denial of service (invalid memcpy with resultant use-after-free)
  or possibly have unspecified other impact via a .pdf file containing JPEG
  data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp,
  XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and
  XMPFiles/source/FormatSupport/TIFF_Support.hpp.

CVE-2017-18233 (https://nvd.nist.gov/vuln/detail/CVE-2017-18233):
  An issue was discovered in Exempi before 2.4.4. Integer overflow in the
  Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote
  attackers to cause a denial of service (infinite loop) via crafted XMP data
  in a .avi file.
Comment 1 Gilles Dartiguelongue (RETIRED) gentoo-dev 2018-03-25 21:20:32 UTC
All referenced CVE as shipped in 2.4.5 after tracking references between NVD, upstream bugzilla and git.
Comment 2 Larry the Git Cow gentoo-dev 2018-03-25 21:33:12 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b566633d73ffee4a83dd4ed6cf2c411a297b3763

commit b566633d73ffee4a83dd4ed6cf2c411a297b3763
Author:     Gilles Dartiguelongue <eva@gentoo.org>
AuthorDate: 2018-03-25 21:21:23 +0000
Commit:     Gilles Dartiguelongue <eva@gentoo.org>
CommitDate: 2018-03-25 21:32:58 +0000

    media-libs/exempi: version bump to 2.4.5 fixing multiple security issues
    
    Bug: https://bugs.gentoo.org/649950
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.24, Repoman-2.3.6

 media-libs/exempi/Manifest            |  1 +
 media-libs/exempi/exempi-2.4.5.ebuild | 52 +++++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+)}
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2018-03-26 01:58:49 UTC
@maintainer(s), please call for stable when ready.
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-28 21:45:20 UTC
ia64 stable
Comment 5 Larry the Git Cow gentoo-dev 2018-03-29 02:01:17 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a2f56b3cd43cccaa391bd1cb14ed63e332f9783

commit 3a2f56b3cd43cccaa391bd1cb14ed63e332f9783
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-03-29 01:47:17 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-03-29 01:47:17 +0000

    media-libs/exempi: amd64 stable
    
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.26, Repoman-2.3.7

 media-libs/exempi/exempi-2.4.5.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)}
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-29 14:53:32 UTC
x86 stable
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-29 14:55:41 UTC
x86 stable
Comment 8 Tobias Klausmann (RETIRED) gentoo-dev 2018-04-01 10:01:46 UTC
Stable on alpha.
Comment 9 Matt Turner gentoo-dev 2018-04-08 05:03:49 UTC
ppc stable
Comment 10 Matt Turner gentoo-dev 2018-04-08 05:03:56 UTC
ppc64 stable
Comment 11 Markus Meier gentoo-dev 2018-04-14 11:38:15 UTC
arm stable
Comment 12 Larry the Git Cow gentoo-dev 2018-04-16 18:36:00 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5bf9aef2430d9e45ba04da79933eacf36088646f

commit 5bf9aef2430d9e45ba04da79933eacf36088646f
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-04-16 16:49:57 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-16 18:35:29 +0000

    media-libs/exempi: stable 2.4.5 for sparc
    
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
    RepoMan-Options: --include-arches="sparc"

 media-libs/exempi/exempi-2.4.5.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)}
Comment 13 Matt Turner gentoo-dev 2018-04-22 19:18:14 UTC
hppa stable
Comment 14 Aaron Bauman (RETIRED) gentoo-dev 2018-04-22 21:06:19 UTC
GLSA Vote: No

@maintainer(s), please drop the vulnerable.
Comment 15 Larry the Git Cow gentoo-dev 2018-05-15 00:21:41 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6fb773267d167d1914e2260c25ef225c4019f832

commit 6fb773267d167d1914e2260c25ef225c4019f832
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-05-14 23:10:13 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-05-15 00:21:28 +0000

    media-libs/exempi: drop vulnerable
    
    Bug: https://bugs.gentoo.org/650714
    Package-Manager: Portage-2.3.36, Repoman-2.3.9
    Closes: https://github.com/gentoo/gentoo/pull/8408

 media-libs/exempi/Manifest            |  2 --
 media-libs/exempi/exempi-2.2.1.ebuild | 48 --------------------------------
 media-libs/exempi/exempi-2.4.2.ebuild | 52 -----------------------------------
 3 files changed, 102 deletions(-)