154380 – media-libs/libpng: sPLT chunk handling denial of service (CVE-2006-5793)

Bug 154380 - media-libs/libpng: sPLT chunk handling denial of service (CVE-2006-5793)

Summary: media-libs/libpng: sPLT chunk handling denial of service (CVE-2006-5793)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	A3 [glsa]
Keywords:

Depends on:
Blocks:	155278
	Show dependency tree

Reported:	2006-11-07 09:08 UTC by Tavis Ormandy (RETIRED)
Modified:	2019-12-30 12:24 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
sPLT chunk handling fix (splt-fix.diff,791 bytes, patch) 2006-11-07 09:10 UTC, Tavis Ormandy (RETIRED)	no flags	Details \| Diff
libpng-1.2.12-r2.ebuild (libpng-1.2.12-r2.ebuild,1.36 KB, text/plain) 2006-11-09 15:59 UTC, SpanKY	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tavis Ormandy (RETIRED) gentoo-dev

2006-11-07 09:08:45 UTC

A typo in png_set_sPLT() may cause an application using libpng to read out of bounds, resulting in a crash.

This was discovered by Tavis Ormandy, Gentoo Linux Security Auditing Team.

patch attached.

Comment 1 Tavis Ormandy (RETIRED) gentoo-dev

2006-11-07 09:10:03 UTC

Created attachment 101400 [details, diff]
sPLT chunk handling fix

Comment 2 Matthias Geerdsen (RETIRED) gentoo-dev

2006-11-09 06:56:54 UTC

vapier, could you attach an updated ebuild
as usual, pls don't commit anything yet

tavis, is there a disclosure date or anything?

Comment 3 SpanKY gentoo-dev

2006-11-09 15:59:27 UTC

Created attachment 101579 [details]
libpng-1.2.12-r2.ebuild

Comment 4 Matthias Geerdsen (RETIRED) gentoo-dev

2006-11-10 02:33:13 UTC

thanks vapier

arch security liaisons, pls test the attached ebuild and give your ok on this bug do not commit anything yet

Comment 5 Gustavo Zacarias (RETIRED) gentoo-dev

2006-11-10 05:21:40 UTC

sparc looks fine.

Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev

2006-11-13 09:55:56 UTC

ppc looks good

Comment 7 Joshua Jackson (RETIRED) gentoo-dev

2006-11-13 10:44:05 UTC

x86 looks good

Comment 8 René Nussbaumer (RETIRED) gentoo-dev

2006-11-13 12:03:01 UTC

looks good on hppa

Comment 9 Thomas Cort (RETIRED) gentoo-dev

2006-11-13 15:14:10 UTC

looks good on amd64.

Comment 10 Matthias Geerdsen (RETIRED) gentoo-dev

2006-11-14 11:59:53 UTC

vapier, pls commit the ebuild

alpha/ppc64 test and mark stable pls, we really want this to go out soon

calling the remaining arches when the ebuild has been committed

Comment 11 Markus Rothe (RETIRED) gentoo-dev

2006-11-15 05:23:44 UTC

looks good on ppc64. please commit with stable ppc64 keyword, too. sorry for being late (that 'having no internet connection thing')

Comment 12 SpanKY gentoo-dev

2006-11-15 06:50:58 UTC

1.2.13 now in portage

Comment 13 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-11-15 07:29:28 UTC

Arch keywording needed. Target keywords are:

alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd

Comment 14 Chris Gianelloni (RETIRED) gentoo-dev

2006-11-15 08:13:19 UTC

alpha/amd64/ppc/x86 done...

Comment 15 Matthias Geerdsen (RETIRED) gentoo-dev

2006-11-15 12:32:02 UTC

someone please mark this stable on sparc/ppc64/hppa (see comment #5, comment #8, comment #11) so that we can send the GLSA

Comment 16 Jeroen Roovers (RETIRED) gentoo-dev

2006-11-15 13:58:50 UTC

Stable for HPPA.

Comment 17 Gustavo Zacarias (RETIRED) gentoo-dev

2006-11-16 04:38:52 UTC

sparc stable.

Comment 18 Markus Rothe (RETIRED) gentoo-dev

2006-11-16 07:03:54 UTC

ppc64 stable

Comment 19 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-11-17 14:36:35 UTC

GLSA 200611-09

Thx everyone.