Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 581958 (CVE-2016-5240, CVE-2016-5241) - <media-gfx/graphicsmagick-1.3.24: DoS
Summary: <media-gfx/graphicsmagick-1.3.24: DoS
Status: RESOLVED FIXED
Alias: CVE-2016-5240, CVE-2016-5241
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: http://seclists.org/oss-sec/2016/q2/460
Whiteboard: B3 [noglsa cve]
Keywords:
: 582236 (view as bug list)
Depends on:
Blocks:
 
Reported: 2016-05-03 09:23 UTC by Agostino Sarubbo
Modified: 2017-01-09 23:35 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2016-05-03 09:23:40 UTC
From ${URL} :

We recently tested GraphicsMagick with our tool and found two issues that
causes DoS:

* Infinite loop caused by converting a circularly defined svg file.

* Arithmetic exception converting a svg file caused by a X%0 operation in
magick/render.c:3800

    (long) (y-fill_pattern->tile_info.y) % fill_pattern->rows,

Reproducers for both issues are attached. They are triggered by converting
a svg to another format. Identification is not affected.
These issues affect 1.3.18 and 1.3.23. Most likely other versions are
vulnerable too.


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-29 20:22:53 UTC
v1.3.24 which fixed the reported issues hit Gentoo repository via https://gitweb.gentoo.org/repo/gentoo.git/commit/media-gfx/graphicsmagick?id=68407a602cc64231cd887123da2d33dbe5756230

=media-gfx/graphicsmagick-1.3.25 is the current stable version in the repository. No vulnerable version left. 


@ Security: Please vote!
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2016-12-01 07:53:01 UTC
Code fixing the issue:

http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ddc999ec896c


Additional details:

https://sources.debian.net/src/graphicsmagick/1.3.25-5/debian/changelog/#L31

As previously noted by Whissi the fixed code was introduced to the tree in 1.3.24.

GLSA Vote: No
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-09 23:34:46 UTC
*** Bug 582236 has been marked as a duplicate of this bug. ***