Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 701826 (CVE-2019-19035) - <media-gfx/jhead-3.04: heap based over-read in ReadJpegSections and process_SOFn in jpgfile.c leads to denial of service (CVE-2019-19035)
Summary: <media-gfx/jhead-3.04: heap based over-read in ReadJpegSections and process_S...
Status: RESOLVED FIXED
Alias: CVE-2019-19035
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa cve]
Keywords:
Depends on: CVE-2019-1010301, CVE-2019-1010302
Blocks:
  Show dependency tree
 
Reported: 2019-12-02 22:44 UTC by GLSAMaker/CVETool Bot
Modified: 2020-07-27 12:32 UTC (History)
2 users (show)

See Also:
Package list:
media-gfx/jhead-3.04
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2019-12-02 22:44:27 UTC
CVE-2019-19035 (https://nvd.nist.gov/vuln/detail/CVE-2019-19035):
  jhead 3.03 is affected by: heap-based buffer over-read. The impact is:
  Denial of service. The component is: ReadJpegSections and process_SOFn in
  jpgfile.c. The attack vector is: Open a specially crafted JPEG file.
Comment 1 Thomas Deutschmann gentoo-dev Security 2019-12-02 22:46:24 UTC
Should be fixed in 3.04 according to https://bugzilla.redhat.com/show_bug.cgi?id=1765647#c1
Comment 2 Sam James archtester gentoo-dev Security 2020-03-19 01:44:54 UTC
@maintainer(s), please create an appropriate ebuild, and call for stabilisation when ready.
Comment 3 Larry the Git Cow gentoo-dev 2020-07-04 14:27:51 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=67e090339cb570cde380194dbc8b68089d9de311

commit 67e090339cb570cde380194dbc8b68089d9de311
Author:     John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-06-24 20:39:38 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2020-07-04 14:25:02 +0000

    media-gfx/jhead: Security bump to 3.04
    
    EAPI bumped, src_prepare refactored away, added PATCHES array instead
    with a patch that includes the effects of the previous patch. This patch
    also includes adding Makefile functionality to create a shared library
    that was removed upstream since the last version we have.
    
    Bug: https://bugs.gentoo.org/701826
    Bug: https://bugs.gentoo.org/711220
    Package-Manager: Portage-2.3.103, Repoman-2.3.23
    Signed-off-by: John Helmert III <jchelmert3@posteo.net>
    Closes: https://github.com/gentoo/gentoo/pull/16406
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 media-gfx/jhead/Manifest                           |  1 +
 .../files/jhead-3.04-mkstemp-fix-makefile.patch    | 53 ++++++++++++++++++++++
 media-gfx/jhead/jhead-3.04.ebuild                  | 24 ++++++++++
 3 files changed, 78 insertions(+)
Comment 4 Larry the Git Cow gentoo-dev 2020-07-27 12:32:27 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=974f37f38f8a813afa0dd0c368d11bf7b8e5ccab

commit 974f37f38f8a813afa0dd0c368d11bf7b8e5ccab
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2020-07-27 12:32:20 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2020-07-27 12:32:20 +0000

    [ GLSA 202007-17 ] Add missing bug #701826
    
    This does not change the severity or impact of the GLSA.
    
    Closes: https://bugs.gentoo.org/701826
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202007-17.xml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)