Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 644770 (CVE-2017-1000422) - <x11-libs/gdk-pixbuf-2.36.11: Integer overflow in io-gif.c:gif_get_lzw() can lead to memory corruption and potential code execution (CVE-2017-1000422)
Summary: <x11-libs/gdk-pixbuf-2.36.11: Integer overflow in io-gif.c:gif_get_lzw() can ...
Status: RESOLVED FIXED
Alias: CVE-2017-1000422
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://bugzilla.gnome.org/show_bug.c...
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-01-16 16:16 UTC by Ian Zimmerman
Modified: 2018-04-17 18:22 UTC (History)
2 users (show)

See Also:
Package list:
x11-libs/gdk-pixbuf-2.36.11 alpha amd64 arm hppa ia64 ppc ppc64 x86
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ian Zimmerman 2018-01-16 16:16:55 UTC
According to summary at $URL:

When loading a large gif image, integer overflow may happen in function gif_get_lzw under source file gdk-pixbuf/io-gif.c.

Upstream patch:

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=0012e066ba37439d402ce46afbc1311530a4ec61


Reproducible: Always
Comment 1 Mart Raudsepp gentoo-dev 2018-01-16 22:33:32 UTC
Upstream bug references commits are included in gdk-pixbuf-2.36.11
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2018-01-17 05:10:52 UTC
x86 stable
Comment 3 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2018-01-18 15:45:19 UTC
amd64 stable
Comment 4 Tobias Klausmann (RETIRED) gentoo-dev 2018-01-20 16:52:01 UTC
Stable on alpha.
Comment 5 ernsteiswuerfel archtester 2018-01-21 18:25:07 UTC
Looking good on ppc.

Failing builds are only due to +X +introspection needed for gtk+ deps.

# cat gdk-pixbuf-644770.report 
USE tests started on So 21. Jan 14:51:00 CET 2018

USE='-X -introspection -jpeg -jpeg2k -tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='X -introspection -jpeg -jpeg2k -tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='X introspection -jpeg -jpeg2k -tiff'  succeeded for =x11-libs/gdk-pixbuf-2.36.11
USE='-X introspection jpeg -jpeg2k -tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='-X -introspection -jpeg jpeg2k -tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='X -introspection -jpeg jpeg2k -tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='-X introspection -jpeg jpeg2k -tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='X introspection -jpeg jpeg2k -tiff'  succeeded for =x11-libs/gdk-pixbuf-2.36.11
USE='X -introspection -jpeg -jpeg2k tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='-X -introspection jpeg -jpeg2k tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='X -introspection jpeg -jpeg2k tiff' failed for =x11-libs/gdk-pixbuf-2.36.11
USE='X introspection jpeg jpeg2k tiff'  succeeded for =x11-libs/gdk-pixbuf-2.36.11
 FEATURES= test succeeded for =x11-libs/gdk-pixbuf-2.36.11
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2018-02-03 21:07:24 UTC
commit 9e7f603989bcb17e86282ce69933095d6ed69bc5
Author: Rolf Eike Beer <eike@sf-mail.de>
Date:   Sat Feb 3 21:50:21 2018 +0100

    x11-libs/gdk-pixbuf: stable 2.36.11 for hppa, bug #644770
Comment 7 Markus Meier gentoo-dev 2018-02-05 21:24:52 UTC
arm stable
Comment 8 Sergei Trofimovich (RETIRED) gentoo-dev 2018-02-08 22:23:07 UTC
ia64 stable
Comment 9 Sergei Trofimovich (RETIRED) gentoo-dev 2018-02-24 19:24:06 UTC
ppc stable (thanks to ernsteiswuerfel)
Comment 10 Matt Turner gentoo-dev 2018-03-12 06:17:52 UTC
ppc64 stable. last arch done
Comment 11 Mart Raudsepp gentoo-dev 2018-04-17 12:58:54 UTC
cleanup done
Comment 12 Aaron Bauman (RETIRED) gentoo-dev 2018-04-17 17:11:37 UTC
Thanks, Leio!

GLSA request filed.
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2018-04-17 18:22:27 UTC
This issue was resolved and addressed in
 GLSA 201804-14 at https://security.gentoo.org/glsa/201804-14
by GLSA coordinator Aaron Bauman (b-man).