CVE-2017-16938 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-16938): A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the LZWReadByte function of the gifread.c file.
@Maintainer please let us know if we are affected. Call for stabilization when ready if that's the case. Thank you.
commit 0da7381ee3668b7d015fc4082a001dcda0b94707
Author: Sebastian Pipping <sping@g.o>
Date:   Mon Dec 4 20:37:28 2017 +0100
    media-gfx/optipng: CVE-2017-16938
    Package-Manager: Portage-2.3.16, Repoman-2.3.6
 .../files/optipng-0.7.6-cve-2017-16938.patch | 22 ++++++++
 media-gfx/optipng/optipng-0.7.6-r2.ebuild | 59 ++++++++++++++++++++++
 2 files changed, 81 insertions(+)
[1]+ Done meld optipng-0.7.6-r{1,2}.ebuild
https://github.com/gentoo/gentoo/commit/0da7381ee3668b7d015fc4082a001dcda0b94707
(In reply to Christopher Díaz Riveros from comment #1)
> @Maintainer please let us know if we are affected.
Proof of concept file segfaults on amd64, no more crash with upstream patch. Applied in Gentoo now.
(In reply to Christopher Díaz Riveros from comment #1)
> Call for stabilization when ready if that's the case.
Adding targets: amd64 ppc64 ppc x86
# eshowkw
Keywords for media-gfx/optipng:
            |                                 |   u   |
            | a a         p   a     n r     s |   n   |
            | l m   h i   p   r m m i i s   p | e u s | r
            | p d a p a p c x m i 6 o s 3   a | a s l | e
            | h 6 r p 6 p 6 8 6 p 8 s c 9 s r | p e o | p
            | a 4 m a 4 c 4 6 4 s k 2 v 0 h c | i d t | o
------------+---------------------------------+-------+-------
   0.7.6-r1 | ~ + ~ o o + + + o o o o o o o o | 4 o 0 | gentoo
[I]0.7.6-r2 | ~ ~ ~ o o ~ ~ ~ o o o o o o o o | 6 o   | gentoo
x86 stable
ppc/ppc64 stable
Added to an existing GLSA.
amd64 stable. Maintainer(s), please cleanup.
(In reply to Agostino Sarubbo from comment #6)
> Maintainer(s), please cleanup.
commit f836c9c5676d9d55c4082ac0343122755ccdf9d9
Author: Sebastian Pipping <sping@g.o>
Date:   Wed Jan 3 20:36:06 2018 +0100
    media-gfx/optipng: Remove 0.7.6-r1 (bug 639690)
    Package-Manager: Portage-2.3.16, Repoman-2.3.6
 media-gfx/optipng/optipng-0.7.6-r1.ebuild | 56 -------------------------------
 1 file changed, 56 deletions(-)
https://github.com/gentoo/gentoo/commit/f836c9c5676d9d55c4082ac0343122755ccdf9d9
This issue was resolved and addressed in GLSA 201801-02 at https://security.gentoo.org/glsa/201801-02 by GLSA coordinator Aaron Bauman (b-man).