Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 426366 (CVE-2012-2812) - <media-libs/libexif-0.6.21 and <media-gfx/exif-0.6.21 : Multiple vulnerabilities (CVE-2012-{2812,2813,2814,2836,2837,2840,2841,2845})
Summary: <media-libs/libexif-0.6.21 and <media-gfx/exif-0.6.21 : Multiple vulnerabilit...
Status: RESOLVED FIXED
Alias: CVE-2012-2812
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-07-12 21:41 UTC by Dan Fandrich
Modified: 2014-01-19 15:54 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dan Fandrich 2012-07-12 21:41:50 UTC
libexif (and exif) 0.6.21 have been released to fix a number of security vulnerabilities. It should be a drop-in replacement for 0.6.20.
Comment 2 Samuli Suominen gentoo-dev 2012-07-13 13:02:34 UTC
Test & stabilize:

=media-libs/libexif-0.6.21
=media-gfx/exif-0.6.21
Comment 3 Agostino Sarubbo gentoo-dev 2012-07-13 13:05:04 UTC
Thanks for the report.
Comment 4 Myckel Habets 2012-07-14 08:08:05 UTC
Builds fine on x86, redeps build and run fine. Please mark stable for x86.
Comment 5 Agostino Sarubbo gentoo-dev 2012-07-14 15:53:49 UTC
amd64 stable
Comment 6 Jeff (JD) Horelick (RETIRED) gentoo-dev 2012-07-14 20:06:40 UTC
x86 stable. Thanks Myckel.
Comment 7 Raúl Porcel (RETIRED) gentoo-dev 2012-07-15 17:07:37 UTC
alpha/arm/ia64/s390/sh/sparc stable
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2012-07-17 15:48:53 UTC
Stable for HPPA.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2012-07-17 23:09:36 UTC
CVE-2012-2845 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2845):
  Integer overflow in the jpeg_data_load_data function in jpeg-data.c in
  libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service
  (buffer over-read and application crash) or obtain potentially sensitive
  information via a crafted JPEG file.

CVE-2012-2841 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2841):
  Integer underflow in the exif_entry_get_value function in exif-entry.c in
  the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote
  attackers to execute arbitrary code via vectors involving a crafted
  buffer-size parameter during the formatting of an EXIF tag, leading to a
  heap-based buffer overflow.

CVE-2012-2840 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2840):
  Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c
  in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote
  attackers to cause a denial of service or possibly execute arbitrary code
  via crafted EXIF tags in an image.

CVE-2012-2837 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2837):
  The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c
  in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote
  attackers to cause a denial of service (divide-by-zero error) via an image
  with crafted EXIF tags that are not properly handled during the formatting
  of EXIF maker note tags.

CVE-2012-2836 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2836):
  The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing
  Library (aka libexif) before 0.6.21 allows remote attackers to cause a
  denial of service (out-of-bounds read) or possibly obtain sensitive
  information from process memory via crafted EXIF tags in an image.

CVE-2012-2814 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2814):
  Buffer overflow in the exif_entry_format_value function in exif-entry.c in
  the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to
  cause a denial of service or possibly execute arbitrary code via crafted
  EXIF tags in an image.

CVE-2012-2813 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2813):
  The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag
  Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause
  a denial of service (out-of-bounds read) or possibly obtain sensitive
  information from process memory via crafted EXIF tags in an image.

CVE-2012-2812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2812):
  The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing
  Library (aka libexif) before 0.6.21 allows remote attackers to cause a
  denial of service (out-of-bounds read) or possibly obtain sensitive
  information from process memory via crafted EXIF tags in an image.
Comment 10 Michael Weber (RETIRED) gentoo-dev 2012-08-23 09:10:26 UTC
ppc stable.
Comment 11 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2012-09-20 13:23:44 UTC
ppc64 stable, last arch done
Comment 12 Sean Amoss (RETIRED) gentoo-dev Security 2012-09-20 13:38:04 UTC
Thanks, everyone.

Already on existing GLSA draft, ready for review.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2014-01-19 15:54:48 UTC
This issue was resolved and addressed in
 GLSA 201401-10 at http://security.gentoo.org/glsa/glsa-201401-10.xml
by GLSA coordinator Sean Amoss (ackle).