| Summary: | <media-libs/libexif-0.6.22: Multiple vulnerabilities (CVE-2016-6328, CVE-2019-9278, CVE-2020-{0093,12767,13112,13113,13114}) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | graphics+disabled, sam |
| Priority: | Normal | Flags: | nattka:
sanity-check+
|
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278 | ||
| See Also: | https://github.com/gentoo/gentoo/pull/15909 | ||
| Whiteboard: | B2 [glsa+ cve] | ||
| Package list: |
media-libs/libexif-0.6.22
|
Runtime testing required: | --- |
|
Description
filip ambroz
2020-02-08 13:50:19 UTC
I am not entirely sure if the gentoo is affected. It should be similar to this bug: https://bugs.gentoo.org/701834 Please take also look here: https://security-tracker.debian.org/tracker/CVE-2019-9278 https://nvd.nist.gov/vuln/detail/CVE-2019-9278 (In reply to filip ambroz from comment #1) > I am not entirely sure if the gentoo is affected. It should be similar to > this bug: https://bugs.gentoo.org/701834 > Okay, I think so. I'll call this upstream/ebuild but upstream have not made a release in years so we'll just have to apply the patches. ---- * CVE-2020-12767 Description: "exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error." Bug: https://github.com/libexif/libexif/issues/31 Patch: https://github.com/libexif/libexif/commit/e22f73064f804c94e90b642cd0db4697c827da72 * CVE-2020-13112 Description: "An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093." * CVE-2020-13113 Description: "An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions." * CVE-2020-13114 Description: "An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data." * CVE-2020-0093 Description: "In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation." * CVE-2016-6328 Description: "A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data)." 0.6.22 is out with these fixes (hurray!) URL: https://github.com/libexif/libexif/releases/tag/libexif-0_6_22-release The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8e0bf10d15211a298201e01836069c5ec605bc37 commit 8e0bf10d15211a298201e01836069c5ec605bc37 Author: Sam James (sam_c) <sam@cmpct.info> AuthorDate: 2020-05-22 05:37:15 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-06-17 01:00:11 +0000 media-libs/libexif: Security bump to 0.6.22 Bug: https://bugs.gentoo.org/708728 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Sam James (sam_c) <sam@cmpct.info> Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> media-libs/libexif/Manifest | 1 + media-libs/libexif/libexif-0.6.22.ebuild | 49 ++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) x86 stable arm stable ppc stable ppc64 stable amd64 stable arm64 stable already hppa stable sparc stable This issue was resolved and addressed in GLSA 202007-05 at https://security.gentoo.org/glsa/202007-05 by GLSA coordinator Sam James (sam_c). |
