Bug 699868 (CVE-2018-19210, CVE-2019-17546, CVE-2019-6128) - <media-libs/tiff-4.1.0: multiple vulnerabilities (CVE-{2018-19210,2019-6128,2019-17546})
Status: RESOLVED FIXED
Alias: CVE-2018-19210, CVE-2019-17546, CVE-2019-6128
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
Reported: 2019-11-11 18:29 UTC by GLSAMaker/CVETool Bot
Modified: 2020-03-15 15:12 UTC

See Also:
Package list:
media-libs/tiff-4.1.0
Runtime testing required: ---
stable-bot: sanity-check+
Description GLSAMaker/CVETool Bot gentoo-dev 2019-11-11 18:29:53 UTC
CVE-2018-19210 (https://nvd.nist.gov/vuln/detail/CVE-2018-19210):
  In LibTIFF 4.0.9, there is a NULL pointer dereference in the
  TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial
  of service attack, as demonstrated by tiffset.

CVE-2019-6128 (https://nvd.nist.gov/vuln/detail/CVE-2019-6128):
  The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak,
  as demonstrated by pal2rgb.
Comment 1 Agostino Sarubbo gentoo-dev 2019-11-12 10:07:54 UTC
x86 stable
Comment 2 Agostino Sarubbo gentoo-dev 2019-11-12 10:14:06 UTC
sparc stable
Comment 3 Agostino Sarubbo gentoo-dev 2019-11-12 10:16:39 UTC
s390 stable
Comment 4 Agostino Sarubbo gentoo-dev 2019-11-12 15:09:32 UTC
ppc64 stable
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2019-11-13 01:26:19 UTC
arm64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-11-13 07:41:58 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-11-13 07:44:59 UTC
amd64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2019-11-14 11:58:23 UTC
ia64 stable
Comment 9 Matt Turner gentoo-dev 2019-11-17 07:22:00 UTC
alpha stable
Comment 10 Rolf Eike Beer archtester 2019-11-19 19:57:20 UTC
hppa stable
Comment 11 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-11-27 13:43:01 UTC
arm stable
Comment 12 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-11-27 13:44:09 UTC
sh stable
Comment 13 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-11-27 13:44:32 UTC
m68k stable
Comment 14 Thomas Deutschmann (RETIRED) gentoo-dev 2019-12-03 00:42:27 UTC
@ maintainer(s): Please clean up and drop <media-libs/tiff-4.1.0!
Comment 15 Larry the Git Cow gentoo-dev 2020-01-29 21:44:44 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2b07bec238b4b2e98288cf4880faad4b504366ee

commit 2b07bec238b4b2e98288cf4880faad4b504366ee
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2020-01-29 21:43:33 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-01-29 21:44:32 +0000

    media-libs/tiff: 4.0.10-r2 security cleanup
    
    If no one else will do it...
    
    Bug: https://bugs.gentoo.org/699868
    Package-Manager: Portage-2.3.86, Repoman-2.3.20
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 media-libs/tiff/Manifest                           |   1 -
 ...-2018-17000-tif_dirwrite-null-dereference.patch |  33 --
 ....0.10-CVE-2019-14973-fix-integer-overflow.patch | 395 ---------------------
 .../tiff-4.0.10-CVE-2019-6128-pal2rgb-leak.patch   |  48 ---
 ....0.10-CVE-2019-7663-tiffcpIntegerOverflow.patch |  73 ----
 media-libs/tiff/tiff-4.0.10-r2.ebuild              |  86 -----
 6 files changed, 636 deletions(-)
Comment 16 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-15 15:06:03 UTC
New GLSA request filed.
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2020-03-15 15:12:06 UTC
This issue was resolved and addressed in GLSA 202003-25 at https://security.gentoo.org/glsa/202003-25 by GLSA coordinator Thomas Deutschmann (whissi).