Symbol IMG_LoadTIF_RW@@ (32-bit UNIX System V ABI Intel 80386) present 7 times /usr/bin/xncsetup /usr/bin/ives /usr/bin/xncloader /usr/bin/xnlaunch /usr/lib/libSDL_image-1.2.so.0.1.6 /usr/bin/xnc /usr/bin/xjpegroot And more. Might be vulnerable to GLSA 200802-01, considering it hasn't been bumped since 2004, thus escalating to security.
Symbol SDL_WriteBE64@@ (32-bit UNIX System V ABI Intel 80386) present 7 times /usr/bin/xncsetup /usr/bin/ives /usr/bin/xncloader /usr/bin/xnlaunch libSDL /usr/bin/xnc /usr/bin/xjpegroot
I could not find the SDL functionality exposed in xnc directly. It seems only x(nc)setup and xjpegroot expose the SDL functionality. I could reproduce the issue in jpegroot: $ gdb /usr/bin/xjpegroot GNU gdb 6.8 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-pc-linux-gnu"... (gdb) run -c CVE-2007-6697.gif Starting program: /usr/bin/xjpegroot -c CVE-2007-6697.gif XJPEGroot Version 1.1.6 **********Image Engine********** * * *Visual: TrueColor * *Depth: 24 (4 bytes/pixel) * *RGB: 8:8:8 * *Colors: 16777216 * *Images: GIF,JPEG,PCX * * * ******** (c) Leo 96-98 ********* Loading image [CVE-2007-6697.gif]..... Program received signal SIGSEGV, Segmentation fault. LWZReadByte (src=0x24812d0, flag=<value optimized out>, input_code_size=<value optimized out>) at sdl_image/IMG_gif.c:425 425 table[1][i] = i; Current language: auto; currently c (gdb) bt #0 LWZReadByte (src=0x24812d0, flag=<value optimized out>, input_code_size=<value optimized out>) at sdl_image/IMG_gif.c:425 #1 0x000000000040c42a in ReadImage (src=0x24812d0, len=10, height=10, cmapSize=256, cmap=0x62ad28, gray=<value optimized out>, interlace=0, ignore=0) at sdl_image/IMG_gif.c:523 #2 0x000000000040c9e2 in IMG_LoadGIF_RW (src=0x24812d0) at sdl_image/IMG_gif.c:249 #3 0x000000000040b5cc in im_load_image_through_loader (fname=<value optimized out>, to_pic=0x614400, from_mem_size=<value optimized out>, img_loader=0x40c680 <IMG_LoadGIF_RW>) at sdl_image/SDL_to_picinfo.c:137 #4 0x0000000000407b39 in LoadXImage (file=0x7fff9fa9ee55 "CVE-2007-6697.gif", cmptype=<value optimized out>, type=<value optimized out>) at image.cxx:580 #5 0x0000000000405b32 in SetRootWindow (tline=0x7fff9fa9ee55 "CVE-2007-6697.gif", opt=<value optimized out>) at xjpegroot.cxx:77 #6 0x0000000000405d84 in main (argc=3, argv=0x7fff9fa9e618) at xjpegroot.cxx:50
Oh, I missed ives. It expsoses the functions as well.
Removed from tree by maintainers.
GLSA time first, Samuli.
Removed from tree long time ago, no GLSA