179156 – media-libs/lcms ICC parser flaws

Bug 179156 - media-libs/lcms ICC parser flaws

Summary: media-libs/lcms ICC parser flaws

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://scary.beasts.org/security/CESA...
Whiteboard:	B2? [noglsa] jaervosz
Keywords:

Depends on:
Blocks:

Reported:	2007-05-19 22:14 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified:	2020-03-28 23:11 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-05-19 22:14:47 UTC

Programs affected: lcms-1.13 
Fixed in: lcms-1.15 
Advisory release date: May 15th 2007. 
Severity: Probable remote compromise of systems which use the vulnerable lcms library to parse ICC profiles. 
 Demo JPG:  http://scary.beasts.org/misc/badicc4.jpg . Run with "jpegicc badicc4.jpg out.jpg". Seems to be a classic stack-based buffer overflow. 

CESA-2007-001 - rev 1 
Chris Evans 
scarybeasts@gmail.com

Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-05-19 22:25:24 UTC

printing please advise.

Comment 2 Pierre-Yves Rofes (RETIRED) gentoo-dev

2007-05-31 09:45:51 UTC

any news here?

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-06-10 08:14:56 UTC

printing please advise.

Comment 4 Samuli Suominen (RETIRED) gentoo-dev

2007-06-10 09:25:37 UTC

"Fixed in: lcms-1.15" it says.

lcms-1.15.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd"

And mips is only arch left with said vulnerable version.

Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-06-10 10:59:52 UTC

Thx drac for clearing that up.

Closing as Fixed instead of Invalid as mips still need to mark stable.