Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 599744 (CVE-2016-9298) - <media-gfx/imagemagick-{6.9.6.4,7.0.3.6}: Off by one memory allocation in WaveletDenoiseImage()
Summary: <media-gfx/imagemagick-{6.9.6.4,7.0.3.6}: Off by one memory allocation in Wav...
Status: RESOLVED FIXED
Alias: CVE-2016-9298
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://github.com/ImageMagick/ImageM...
Whiteboard: B2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2016-11-15 00:32 UTC by Thomas Deutschmann (RETIRED)
Modified: 2017-02-17 08:13 UTC (History)
1 user (show)

See Also:
Package list:
=media-gfx/imagemagick-6.9.6.6
Runtime testing required: ---
kensington: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-15 00:32:41 UTC
media-gfx/imagemagick before 3cbfb163cff9e5b8cdeace8312e9bfee810ed02b
suffer from a heap overflow in WaveletDenoiseImage(). This problem is
easily trigerrable from a perl script.

Fix: https://github.com/ImageMagick/ImageMagick/commit/3cbfb163cff9e5b8cdeace8312e9bfee810ed02b
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-15 00:39:03 UTC
Patched version is already in the Gentoo repository: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3b6e7390468b87611d52709afc8b65982e3208e7


@ Maintainer(s): In case we need to stabilize the package, please let us know if it is ready for the stabilization or not (there's currently a package.mask in place, see https://gitweb.gentoo.org/repo/gentoo.git/tree/profiles/package.mask?id=c22332969d24f3f5eb0aa93a73f6cefc6ed34c96#n399)
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-29 19:13:30 UTC
Lars told me today that the fix should also be in 6.9.x and he is right: https://github.com/ImageMagick/ImageMagick/commit/d2d9c8feb028570c592a438a5f4d4191391402bd

$ git tag --contains d2d9c8feb028570c592a438a5f4d4191391402bd | sort
6.9.6-4
6.9.6-5
6.9.6-6

v6.9.6-4, the first version containing the fixed, landed in Gentoo repository via https://gitweb.gentoo.org/repo/gentoo.git/commit/media-gfx/imagemagick?id=3b6e7390468b87611d52709afc8b65982e3208e7



@ Arches,

please test and mark stable: =media-gfx/imagemagick-6.9.6.6
Comment 3 Markus Meier gentoo-dev 2016-11-30 19:39:31 UTC
arm stable
Comment 4 Agostino Sarubbo gentoo-dev 2016-12-01 12:52:13 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2016-12-01 12:54:54 UTC
x86 stable
Comment 6 Tobias Klausmann (RETIRED) gentoo-dev 2016-12-02 14:21:31 UTC
Stable on alpha.
Comment 7 Agostino Sarubbo gentoo-dev 2016-12-19 14:39:41 UTC
sparc stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-12-19 15:16:11 UTC
ia64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-12-20 09:49:12 UTC
ppc stable
Comment 10 Agostino Sarubbo gentoo-dev 2016-12-22 09:37:48 UTC
ppc64 stable
Comment 11 Aaron Bauman (RETIRED) gentoo-dev 2017-01-11 03:36:44 UTC
hppa....
Comment 12 Jeroen Roovers (RETIRED) gentoo-dev 2017-01-12 09:31:44 UTC
Stable for HPPA.
Comment 13 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-21 00:47:06 UTC
New GLSA request filed.

@ Maintainer(s): Please cleanup and drop =media-gfx/imagemagick-6.9.6.2!
Comment 14 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-21 02:05:45 UTC
Cleaned up via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b82225d9803ad4e7946ca331adf45fc1f063169f
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2017-02-17 08:13:24 UTC
This issue was resolved and addressed in
 GLSA 201702-09 at https://security.gentoo.org/glsa/201702-09
by GLSA coordinator Thomas Deutschmann (whissi).