
Bug 689642 (CVE-2018-20097, CVE-2019-13114, CVE-2019-13504)

Summary: <media-gfx/exiv2-0.27.2: multiple vulnerabilities
Product: Gentoo Security
Reporter: D'juan McDonald (domhnall) <flopwiki>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: minor
CC: graphics+disabled, kde
Priority: Normal
Flags: stable-bot: sanity-check+
Version: unspecified
Hardware: All
OS: Linux
URL: https://github.com/Exiv2/exiv2/pull/943
Whiteboard: B3 [noglsa cve stable]
Package list: media-gfx/exiv2-0.27.2
Runtime testing required: ---
Bug Depends on: 688566, 688912
Bug Blocks:

Description D'juan McDonald (domhnall) 2019-07-11 05:17:38 UTC
(https://nvd.nist.gov/vuln/detail/CVE-2019-13504):

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.


Gentoo Security Padawan
(domhnall)
Comment 1 Andreas Sturmlechner gentoo-dev 2019-07-20 17:47:45 UTC
0.27.2 release is planned for 2019-07-31
Comment 2 Larry the Git Cow gentoo-dev 2019-07-21 16:13:41 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a5596fa323540961fec3729e052a75baa88c8954

commit a5596fa323540961fec3729e052a75baa88c8954
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2019-07-21 15:59:57 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2019-07-21 16:13:21 +0000

    media-gfx/exiv2: 0.27.2_rc3 version bump for testing
    
    This is the last RC before 0.27.2 release that is planned for 2019-07-31.
    
    Bug: https://bugs.gentoo.org/689642
    Package-Manager: Portage-2.3.69, Repoman-2.3.16
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 media-gfx/exiv2/Manifest                |   1 +
 media-gfx/exiv2/exiv2-0.27.2_rc3.ebuild | 103 ++++++++++++++++++++++++++++++++
 2 files changed, 104 insertions(+)
Comment 3 Larry the Git Cow gentoo-dev 2019-07-29 18:55:54 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d0e96ba43734040a82ad7b8302da4bf147802ef9

commit d0e96ba43734040a82ad7b8302da4bf147802ef9
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2019-07-29 18:49:26 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2019-07-29 18:55:40 +0000

    media-gfx/exiv2: 0.27.2 version bump
    
    Bug: https://bugs.gentoo.org/689642
    Package-Manager: Portage-2.3.69, Repoman-2.3.16
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 media-gfx/exiv2/Manifest            |   1 +
 media-gfx/exiv2/exiv2-0.27.2.ebuild | 101 ++++++++++++++++++++++++++++++++++++
 2 files changed, 102 insertions(+)
Comment 4 Andreas Sturmlechner gentoo-dev 2019-07-29 19:03:04 UTC
Documentation changes only since rc3, arches please stabilise.
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2019-07-29 22:07:02 UTC
arm64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-07-31 10:54:28 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-07-31 10:56:10 UTC
ppc64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2019-07-31 11:01:21 UTC
amd64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2019-07-31 11:08:25 UTC
x86 stable
Comment 10 Agostino Sarubbo gentoo-dev 2019-07-31 12:10:15 UTC
alpha stable
Comment 11 Agostino Sarubbo gentoo-dev 2019-07-31 13:11:34 UTC
sparc stable
Comment 12 Agostino Sarubbo gentoo-dev 2019-07-31 13:13:36 UTC
ia64 stable
Comment 13 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2019-08-02 08:11:28 UTC
arm stable
Comment 14 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-15 04:04:19 UTC
CVE-2019-13114 (https://github.com/Exiv2/exiv2/issues/793):

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
Comment 15 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-15 04:04:51 UTC
CVE-2018-20097 (https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html):

There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.