Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 629886 (CVE-2017-6362) - <media-libs/gd-2.2.5: double-free vulnerability
Summary: <media-libs/gd-2.2.5: double-free vulnerability
Status: RESOLVED FIXED
Alias: CVE-2017-6362
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://github.com/libgd/libgd/commit...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-09-04 15:19 UTC by Ian Zimmerman
Modified: 2018-04-22 21:11 UTC (History)
3 users (show)

See Also:
Package list:
=media-libs/gd-2.2.5
Runtime testing required: No
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-09-04 15:46:40 UTC
(In reply to Ian Zimmerman from comment #0)
> Upstream ticket:
> https://github.com/libgd/libgd/issues/381
> 
> Affected version: 2.2.4
> 
> Debian advisory:
> https://www.debian.org/security/2017/dsa-3961
> 
> Upstream fix:
> https://github.com/libgd/libgd/commit/
> 56ce6ef068b954ad28379e83cca04feefc51320c

Thank you for reporting the issue.

From Debian advisory:

A double-free vulnerability was discovered in the gdImagePngPtr() function in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a specially crafted file is processed.

@Maintainers, after the bump please call for stabilization when ready, or let us know.

Gentoo Security Padawan
ChrisADR
Comment 2 SpanKY gentoo-dev 2018-01-30 03:46:44 UTC
gd-2.2.5 is in the tree now
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2018-03-23 22:04:03 UTC
@arches, please stabilize.
Comment 4 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2018-03-24 21:07:46 UTC
amd64 stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-24 21:37:45 UTC
ia64 stable
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-25 13:49:34 UTC
ppc64 stable
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-25 18:06:07 UTC
ppc stable
Comment 8 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-25 22:44:07 UTC
x86 stable
Comment 9 Tobias Klausmann (RETIRED) gentoo-dev 2018-03-31 14:18:48 UTC
Stable on alpha.
Comment 10 Markus Meier gentoo-dev 2018-04-08 10:49:06 UTC
arm stable
Comment 11 Mart Raudsepp gentoo-dev 2018-04-18 06:53:38 UTC
adding missing sparc CC..
Comment 12 Larry the Git Cow gentoo-dev 2018-04-20 19:01:02 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d965891b7b86fae7eae9bee9ba7c90791e2a2f60

commit d965891b7b86fae7eae9bee9ba7c90791e2a2f60
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-04-20 10:13:45 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-20 19:00:52 +0000

    media-libs/gd: stable 2.2.5 for sparc
    
    Bug: https://bugs.gentoo.org/629886
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
    RepoMan-Options: --include-arches="sparc"

 media-libs/gd/gd-2.2.5.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)}
Comment 13 Matt Turner gentoo-dev 2018-04-22 19:25:17 UTC
hppa stable
Comment 14 Aaron Bauman (RETIRED) gentoo-dev 2018-04-22 21:10:32 UTC
This is a DoS and downgraded to B3.

GLSA Vote: No
Comment 15 Larry the Git Cow gentoo-dev 2018-04-22 21:11:14 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9df83d31d0160508d26e7ec731b88835582ca92b

commit 9df83d31d0160508d26e7ec731b88835582ca92b
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-04-22 21:10:44 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-04-22 21:11:06 +0000

    media-libs/gd: drop vulnerable
    
    Closes: https://bugs.gentoo.org/629886
    Package-Manager: Portage-2.3.31, Repoman-2.3.9

 media-libs/gd/Manifest        |  1 -
 media-libs/gd/gd-2.2.4.ebuild | 62 -------------------------------------------
 2 files changed, 63 deletions(-)