Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 380771 (CVE-2011-3170) - <net-print/cups-1.4.8-r1: "gif_read_lzw()" Buffer Overflow Vulnerability (CVE-2011-3170)
Summary: <net-print/cups-1.4.8-r1: "gif_read_lzw()" Buffer Overflow Vulnerability (CVE...
Alias: CVE-2011-3170
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
: 380825 (view as bug list)
Depends on: 380825
  Show dependency tree
Reported: 2011-08-26 19:00 UTC by Agostino Sarubbo
Modified: 2012-07-09 23:37 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2011-08-26 19:00:45 UTC
From Secunia security advisor at $URL:

The vulnerability is caused due to a boundary error within the "gif_read_lzw()" function (filter/image-gif.c) and can be exploited to cause a heap-based buffer overflow via specially crafted GIF images.

The vulnerability is confirmed in version 1.4.6. Prior versions may also be affected.

Update to version 1.4.7.


The vulnerability is confirmed in version 1.4.8. Other versions may also be affected.

Fixed in the SVN repository.
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2011-08-27 00:14:15 UTC
*cups-1.5.0-r1 (25 Aug 2011)
*cups-1.4.8-r21 (25 Aug 2011)
*cups-1.4.8-r1 (25 Aug 2011)

  25 Aug 2011; Timo Gurr <> -cups-1.4.6-r21.ebuild,
  -cups-1.4.8.ebuild, +cups-1.4.8-r1.ebuild, +cups-1.4.8-r21.ebuild,
  +files/cups-1.4.8-CVE-2011-2896.patch, -cups-1.5.0.ebuild,
  Revbumps fixing security issue CVE-2011-2896. Remove old.

Note: CVE-2011-2896, although talking about cups, refers to SECUNIA:45621 (which is imho exactly the same issue for gimp).
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2011-08-27 10:30:18 UTC
net-print/cups-1.4.8-r1 stablerequest filed
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-08-27 10:32:45 UTC
*** Bug 380825 has been marked as a duplicate of this bug. ***
Comment 4 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-08-27 10:33:18 UTC
This particular patch is CVE-2011-3170.

The -2896 patch was not sufficient to fix the issue in cups, thus this patch was needed. Please fix the naming in CVS. After that, we'll call arches in *this* bug, as usual.
Comment 5 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-08-27 10:48:04 UTC
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Comment 6 Agostino Sarubbo gentoo-dev 2011-08-27 11:59:59 UTC
Multiple compile test ok. No hw to test. amd64 ok
Comment 7 Tomáš "tpruzina" Pružina (amd64 [ex]AT) 2011-08-27 12:25:42 UTC
Archtested 1.4.8-r1 on amd64 (printing over wifi, administration interface, queues, jobs etc). All ok.
Comment 8 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-08-27 17:42:09 UTC
x86 stable
Comment 9 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-08-27 20:09:45 UTC
ppc/ppc64 stable
Comment 10 Tony Vroon (RETIRED) gentoo-dev 2011-08-28 22:23:09 UTC
+  28 Aug 2011; Tony Vroon <> cups-1.4.8-r1.ebuild:
+  Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo &
+  Tomáš "Mepho" Pružina in security bug #380771.
Comment 11 Jeroen Roovers (RETIRED) gentoo-dev 2011-08-29 06:12:53 UTC
Stable for HPPA.
Comment 12 Raúl Porcel (RETIRED) gentoo-dev 2011-09-03 13:21:53 UTC
Comment 13 Tim Sammut (RETIRED) gentoo-dev 2011-09-04 00:27:57 UTC
Thanks, everyone. Added to existing GLSA request.
Comment 14 Andreas K. Hüttel archtester gentoo-dev 2012-01-15 20:41:49 UTC
No vulnerable version in the tree anymore.
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2012-07-09 23:37:14 UTC
This issue was resolved and addressed in
 GLSA 201207-10 at
by GLSA coordinator Sean Amoss (ackle).