Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 714608

Summary: <media-gfx/imagemagick-{6.9.11.1,7.0.10.1}: Possible buffer overflow in ComplexImages()
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: graphics+disabled, slyfox
Priority: Normal Flags: nattka: sanity-check-
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [noglsa]
Package list:
=media-gfx/imagemagick-6.9.11.1 amd64 arm hppa ppc ppc64 sparc x86 =media-gfx/imagemagick-7.0.10.1 amd64 arm arm64 hppa ppc ppc64 sparc x86 =media-gfx/potrace-1.15 arm64
 Runtime testing required: ---

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-25 01:20:32 UTC 
7.0.10.1 (https://imagemagick.org/script/changelog.php):
>2020-03-07 7.0.10-1 Cristy <quetzlzacatenango@image...>
>Do not throw exception on empty draw path (reference https://github.com>/ImageMagick/ImageMagick/issues/974).
>Fix possible buffer overflow in ComplexImages().

6.9.11.1 (https://legacy.imagemagick.org/www/script/changelog.php):
>2020-03-07 6.9.11-1 Cristy <quetzlzacatenango@image...>
>Do not throw exception on empty draw path (reference https://github.com/ImageMagick/ImageMagick/issues/974).
>Fix possible buffer overflow in ComplexImages().
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-25 01:21:05 UTC 
@maintainer(s), please advise if ready for stabilisation, or call yourself.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2020-04-16 07:28:31 UTC 
Ok a month has gone by... lets try again. 
Are we ready to stabilize?
Comment 3 NATTkA bot gentoo-dev Security 2020-04-18 09:56:37 UTC 
Sanity check failed:

> media-gfx/imagemagick-7.0.10.1
>   depend arm64 stable profile default/linux/arm64/17.0 (9 total)
>     media-gfx/potrace
>   rdepend arm64 stable profile default/linux/arm64/17.0 (9 total)
>     media-gfx/potrace
Comment 4 Agostino Sarubbo gentoo-dev 2020-04-20 13:27:07 UTC 
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2020-04-20 13:29:49 UTC 
x86 stable
Comment 6 Rolf Eike Beer archtester 2020-04-20 15:22:32 UTC 
sparc stable
Comment 7 Rolf Eike Beer archtester 2020-04-23 08:13:25 UTC 
hppa stable
Comment 8 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2020-04-25 10:38:24 UTC 
arm stable
Comment 9 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-28 19:25:34 UTC 
arm64 stable
Comment 10 Larry the Git Cow gentoo-dev 2020-04-30 22:51:38 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=25628da87f65b59784b078ff90d184e9441673f5

commit 25628da87f65b59784b078ff90d184e9441673f5
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-30 22:51:17 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-30 22:51:30 +0000

    media-gfx/imagemagick: security cleanup
    
    Bug: https://bugs.gentoo.org/714608
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 media-gfx/imagemagick/Manifest                    |   6 -
 media-gfx/imagemagick/imagemagick-6.9.11.0.ebuild | 250 --------------------
 media-gfx/imagemagick/imagemagick-6.9.11.1.ebuild | 255 ---------------------
 media-gfx/imagemagick/imagemagick-6.9.11.3.ebuild | 255 ---------------------
 media-gfx/imagemagick/imagemagick-7.0.10.0.ebuild | 262 ---------------------
 media-gfx/imagemagick/imagemagick-7.0.10.1.ebuild | 267 ----------------------
 media-gfx/imagemagick/imagemagick-7.0.10.3.ebuild | 267 ----------------------
 7 files changed, 1562 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=39b7886af40cc1b9747373dce91bae61700334b0

commit 39b7886af40cc1b9747373dce91bae61700334b0
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-30 22:50:23 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-30 22:51:29 +0000

    media-gfx/imagemagick: move stable keywords
    
    Bug: https://bugs.gentoo.org/714608
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 media-gfx/imagemagick/imagemagick-6.9.11.7.ebuild    | 2 +-
 media-gfx/imagemagick/imagemagick-7.0.10.7-r1.ebuild | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
Comment 11 Thomas Deutschmann (RETIRED) gentoo-dev 2020-04-30 22:52:23 UTC 
GLSA Vote: No!

Repository is clean, all done.
Comment 12 NATTkA bot gentoo-dev Security 2020-04-30 22:52:31 UTC 
Unable to check for sanity:

> no match for package: =media-gfx/imagemagick-6.9.11.1
Comment 13 ernsteiswuerfel archtester 2020-04-30 23:32:31 UTC 
Looking good on ppc.

rdep rmagick-3.2.0 fails tests (bug #720202).

# cat imagemagick-714608.report 
USE tests started on Do 30. Apr 11:09:52 CEST 2020

FEATURES=' test' USE='' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='-X bzip2 corefonts -cxx -djvu -fftw fontconfig fpx graphviz -hdri -jbig jpeg jpeg2k lcms -lqr -lzma openexr -openmp -pango perl -png -postscript -q32 -q8 raw -static-libs -svg -tiff truetype webp -wmf -xml -zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='-X bzip2 -corefonts cxx djvu -fftw fontconfig fpx -graphviz -hdri -jbig -jpeg jpeg2k -lcms lqr -lzma -openexr -openmp -pango -perl -png postscript q32 -q8 -raw -static-libs svg -tiff -truetype -webp wmf -xml -zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='X bzip2 -corefonts cxx djvu fftw fontconfig fpx -graphviz hdri -jbig -jpeg -jpeg2k -lcms lqr lzma -openexr -openmp pango -perl -png -postscript q32 -q8 raw static-libs -svg tiff -truetype -webp wmf -xml -zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='-X bzip2 -corefonts -cxx djvu fftw -fontconfig fpx graphviz hdri jbig jpeg -jpeg2k lcms -lqr -lzma -openexr openmp pango -perl png postscript q32 -q8 raw -static-libs svg -tiff truetype webp wmf -xml -zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='X -bzip2 -corefonts -cxx -djvu -fftw fontconfig -fpx -graphviz hdri jbig jpeg -jpeg2k lcms lqr -lzma openexr openmp pango perl png -postscript q32 q8 raw -static-libs -svg tiff -truetype -webp wmf xml -zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='X -bzip2 corefonts -cxx djvu fftw fontconfig -fpx graphviz hdri jbig jpeg jpeg2k -lcms lqr -lzma -openexr openmp -pango -perl png postscript q32 q8 raw -static-libs -svg tiff truetype webp wmf xml -zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='-X bzip2 corefonts -cxx djvu fftw -fontconfig fpx -graphviz hdri -jbig -jpeg jpeg2k lcms lqr -lzma openexr openmp pango perl png postscript q32 q8 -raw static-libs svg tiff truetype webp wmf xml -zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='-X -bzip2 corefonts -cxx djvu -fftw -fontconfig fpx graphviz hdri jbig jpeg jpeg2k lcms lqr -lzma -openexr openmp -pango perl -png -postscript -q32 -q8 raw static-libs -svg -tiff truetype -webp wmf -xml zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='-X -bzip2 -corefonts cxx djvu -fftw fontconfig -fpx graphviz -hdri jbig -jpeg jpeg2k -lcms lqr lzma -openexr openmp -pango perl png -postscript q32 q8 raw -static-libs svg -tiff truetype -webp -wmf xml zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='-X bzip2 -corefonts -cxx -djvu fftw -fontconfig -fpx -graphviz -hdri -jbig -jpeg -jpeg2k lcms lqr lzma openexr openmp pango -perl png postscript q32 -q8 raw static-libs svg tiff truetype -webp -wmf xml zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='X -bzip2 -corefonts -cxx -djvu fftw fontconfig -fpx -graphviz -hdri jbig -jpeg jpeg2k -lcms lqr -lzma -openexr openmp pango perl -png postscript -q32 -q8 -raw -static-libs svg -tiff -truetype -webp wmf xml zlib' succeeded for =media-gfx/imagemagick-6.9.11.1
USE='X -bzip2 corefonts cxx djvu -fftw -fontconfig -fpx -graphviz hdri -jbig -jpeg jpeg2k -lcms -lqr -lzma openexr -openmp -pango perl png -postscript -q32 -q8 raw -static-libs -svg tiff truetype webp wmf xml zlib' succeeded for =media-gfx/imagemagick-6.9.11.1

FEATURES=' test' USE='' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X bzip2 -corefonts cxx djvu -fftw fontconfig -fpx graphviz -hdri jbig jpeg -jpeg2k -lcms lqr -lzma openexr openmp -pango -perl -png -postscript q32 -q8 raw -static-libs -svg -tiff truetype -webp -wmf -xml -zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X bzip2 -corefonts -cxx -djvu fftw -fontconfig fpx -graphviz -hdri jbig -jpeg -jpeg2k lcms lqr -lzma openexr -openmp pango -perl -png -postscript q32 -q8 raw -static-libs svg tiff truetype -webp -wmf -xml -zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X -bzip2 corefonts -cxx -djvu -fftw -fontconfig fpx -graphviz -hdri -jbig -jpeg jpeg2k -lcms -lqr lzma -openexr openmp pango -perl -png postscript -q32 q8 raw static-libs svg tiff truetype -webp -wmf -xml -zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X bzip2 -corefonts -cxx djvu fftw -fontconfig -fpx graphviz hdri -jbig -jpeg jpeg2k -lcms -lqr -lzma -openexr -openmp pango -perl png -postscript q32 -q8 -raw -static-libs svg -tiff truetype webp -wmf -xml -zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X bzip2 -corefonts -cxx -djvu -fftw fontconfig -fpx -graphviz -hdri jbig jpeg -jpeg2k -lcms lqr lzma -openexr openmp -pango perl -png postscript -q32 q8 raw static-libs svg -tiff truetype webp -wmf -xml -zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='-X -bzip2 -corefonts cxx -djvu fftw fontconfig fpx graphviz hdri -jbig jpeg jpeg2k -lcms lqr -lzma -openexr -openmp pango -perl -png postscript -q32 q8 -raw -static-libs -svg -tiff -truetype webp -wmf xml -zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X -bzip2 -corefonts cxx -djvu -fftw -fontconfig -fpx -graphviz hdri jbig jpeg -jpeg2k lcms -lqr -lzma openexr openmp -pango -perl -png -postscript -q32 -q8 -raw static-libs svg -tiff truetype webp -wmf xml -zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X bzip2 corefonts -cxx djvu fftw fontconfig -fpx graphviz -hdri jbig -jpeg -jpeg2k -lcms lqr lzma -openexr -openmp pango perl png postscript q32 -q8 raw -static-libs svg tiff truetype -webp -wmf -xml zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='-X bzip2 corefonts cxx -djvu fftw fontconfig -fpx -graphviz -hdri jbig -jpeg -jpeg2k -lcms lqr lzma -openexr -openmp pango perl -png postscript q32 -q8 raw static-libs svg tiff truetype webp -wmf -xml zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X -bzip2 -corefonts -cxx djvu -fftw -fontconfig -fpx graphviz hdri -jbig jpeg -jpeg2k lcms -lqr -lzma -openexr openmp -pango perl -png -postscript -q32 q8 -raw static-libs -svg tiff truetype webp -wmf xml zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='X -bzip2 corefonts cxx -djvu fftw fontconfig -fpx -graphviz -hdri jbig jpeg -jpeg2k -lcms -lqr -lzma openexr -openmp -pango perl png postscript -q32 -q8 -raw static-libs svg tiff truetype webp -wmf xml zlib' succeeded for =media-gfx/imagemagick-7.0.10.1
USE='-X bzip2 -corefonts cxx -djvu fftw -fontconfig -fpx -graphviz hdri -jbig -jpeg -jpeg2k lcms lqr -lzma openexr openmp -pango -perl png postscript -q32 q8 raw -static-libs -svg -tiff -truetype webp wmf xml zlib' succeeded for =media-gfx/imagemagick-7.0.10.1

revdep tests started on Do 30. Apr 16:35:41 CEST 2020

FEATURES=' test' USE='imagemagick' succeeded for media-video/dvdauthor
FEATURES=' test' USE='' succeeded for dev-tex/latex2rtf
FEATURES=' test' USE='imagemagick' succeeded for media-gfx/pstoedit
FEATURES=' test' USE='imagemagick' succeeded for x11-wm/windowmaker
 FEATURES=' test' failed for dev-ruby/rmagick
FEATURES=' test' USE='imagemagick' succeeded for x11-misc/xlockmore
FEATURES=' test' USE='' succeeded for virtual/imagemagick-tools
FEATURES=' test' USE='' succeeded for media-gfx/uniconvertor
FEATURES=' test' USE='-graphicsmagick imagemagick' succeeded for media-gfx/inkscape
FEATURES=' test' USE='imagemagick' succeeded for media-video/transcode
FEATURES=' test' USE='imagemagick' succeeded for media-gfx/pstoedit
FEATURES=' test' USE='imagemagick' succeeded for x11-misc/xlockmore
FEATURES=' test' USE='' succeeded for dev-tex/tex4ht
FEATURES=' test' USE='X imagemagick' succeeded for app-editors/emacs
FEATURES=' test' USE='' succeeded for x11-plugins/wmgrabimage
FEATURES=' test' USE='' succeeded for dev-tex/latex2rtf
FEATURES=' test' USE='-graphicsmagick imagemagick' succeeded for media-gfx/inkscape
FEATURES=' test' USE='imagemagick' succeeded for x11-wm/windowmaker
FEATURES=' test' USE='' succeeded for media-gfx/uniconvertor
FEATURES=' test' USE='' succeeded for x11-misc/rss-glx