Bug affecting version 0.26, which is not in tree yet

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file.

Upstream issue: http://dev.exiv2.org/issues/1295

References: https://github.com/lolo-pop/poc/tree/master/Segmentation%20fault%20in%20convert-test(exiv2)
CVE-2017-9239 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9239): An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file.
Our version in repository _is_ affected. Upstream patch: https://github.com/Exiv2/exiv2/commit/2f8681e120d277e418941c4361c83b5028f67fd8
Working on it, but build system needs battering into shape once more...
exiv-0.26 is now in tree, masked, with CVE-2017-9239 addressed, git commit 30f7dfcd4f9710d6f01ec079cb9ed71424347e5b
media-gfx/exiv2-0.26 is unmasked in tree since June 7th, bug 621242 was just fixed. Feel free to stabilise as you see fit.
An automated check of this bug failed - the following atom is unknown:

media-gfx/exiv2-0.26_p20171018

Please verify the atom list.
An automated check of this bug succeeded - the previous repoman errors are now resolved.
x86 stable
ia64 stable
amd64 stable
Stable on alpha.
ppc64 stable
ppc stable
hppa stable
arm stable, all arches done.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cdb23e8b3608be50daebdeb5d904b179a58d8339

commit cdb23e8b3608be50daebdeb5d904b179a58d8339
Author: Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2017-11-19 15:23:00 +0000
Commit: Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2017-11-19 15:23:34 +0000

    media-gfx/exiv2: Security cleanup

    Bug: https://bugs.gentoo.org/621028
    Package-Manager: Portage-2.3.14, Repoman-2.3.6

 media-gfx/exiv2/Manifest | 1 -
 media-gfx/exiv2/exiv2-0.25-r2.ebuild | 127 ---------------------
 media-gfx/exiv2/files/exiv2-0.25-fix-docs.patch | 71 ------------
 .../exiv2/files/exiv2-0.25-fix-install-dirs.patch | 64 -----------
 .../exiv2/files/exiv2-0.25-fix-without-zlib.patch | 22 ----
 .../files/exiv2-0.25-fvisibility-hidden.patch | 19 ---
 .../exiv2/files/exiv2-0.25-hide-symbols.patch | 97 ----------------
 .../exiv2/files/exiv2-0.25-tools-optional.patch | 27 -----
 8 files changed, 428 deletions(-)
Cleanup done in git commit cdb23e8b3608be50daebdeb5d904b179a58d8339
commit 319d04a82b6c0c436aa3deee70ea8052ab1a6ba2
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Wed Feb 21 08:55:37 2018 +0100

    media-gfx/exiv2: stable 0.26_p20171104 for sparc, bug #621028