Bug 908519 (CVE-2022-28550) - <media-gfx/jhead-3.08: buffer overflow vulnerability
Summary: <media-gfx/jhead-3.08: buffer overflow vulnerability
Status: CONFIRMED
Alias: CVE-2022-28550
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Whiteboard: B2 [glsa?]
Depends on: 930948
Reported: 2023-06-15 05:43 UTC by John Helmert III
Modified: 2024-05-01 10:09 UTC
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-06-15 05:43:25 UTC
CVE-2022-28550 (https://github.com/Matthias-Wandel/jhead/issues/51):

Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a `&i` or `&o`. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when multiple `&i` or `&o` are given.

Patch: https://github.com/Matthias-Wandel/jhead/commit/64894dbc7d8e1e232e85f1cab25c64290b2fc167
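
The missing boundary check described above, shown as an added example; this is not jhead's `shellescape()` and not the upstream patch. `expand_template()` and `append()` are hypothetical names, only `&i` is handled, and shell quoting of the file name is left out so the bounds logic stays visible.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Append n bytes of s at out[*pos]; refuse if that would not leave room
 * for the terminating NUL. The check happens before any byte is written. */
static int append(char *out, size_t outsz, size_t *pos, const char *s, size_t n)
{
    if (n >= outsz - *pos)
        return -1;
    memcpy(out + *pos, s, n);
    *pos += n;
    return 0;
}

/* Expand every "&i" in tmpl to name. Returns the length written, or -1
 * (with out set to "") when the expansion does not fit in out[outsz]. */
int expand_template(const char *tmpl, const char *name, char *out, size_t outsz)
{
    size_t pos = 0, namelen = strlen(name);
    if (outsz == 0)
        return -1;
    for (const char *p = tmpl; *p; ) {
        int rc;
        if (p[0] == '&' && p[1] == 'i') {
            rc = append(out, outsz, &pos, name, namelen);
            p += 2;
        } else {
            rc = append(out, outsz, &pos, p, 1);
            p += 1;
        }
        if (rc != 0) {          /* too long: fail closed, never truncate */
            out[0] = '\0';
            return -1;
        }
    }
    out[pos] = '\0';
    return (int)pos;
}

int main(void)
{
    char buf[16];               /* constructed sample input below */
    printf("%d\n", expand_template("cp &i x", "a.jpg", buf, sizeof buf));
    printf("%d\n", expand_template("&i &i &i &i", "a.jpg", buf, sizeof buf));
    return 0;
}
```

Failing the whole expansion instead of truncating matters here because a truncated command line would still be handed to the shell.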
Comment 1 Larry the Git Cow gentoo-dev 2024-03-11 18:49:48 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d4bf8684d408ef7310a7915ca277707350d708d6

commit d4bf8684d408ef7310a7915ca277707350d708d6
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-03-11 18:02:02 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-03-11 18:02:11 +0000

    media-gfx/jhead: add 3.08
    
    Bug: https://bugs.gentoo.org/908519
    Closes: https://bugs.gentoo.org/879543
    Closes: https://bugs.gentoo.org/890252
    Signed-off-by: Sam James <sam@gentoo.org>

 media-gfx/jhead/Manifest                           |  1 +
 .../jhead/files/jhead-3.08-fix-makefile.patch      | 42 ++++++++++++++++++++++
 media-gfx/jhead/jhead-3.08.ebuild                  | 36 +++++++++++++++++++
 3 files changed, 79 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2024-05-01 10:09:13 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1a59a083d1232dcfaf429929cee44049efb9771

commit e1a59a083d1232dcfaf429929cee44049efb9771
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2024-05-01 10:08:04 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2024-05-01 10:08:32 +0000

    media-gfx/jhead: drop 3.06.0.1-r1
    
    Bug: https://bugs.gentoo.org/908519
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 media-gfx/jhead/Manifest                           |   1 -
 .../files/jhead-3.06.0.1-CVE-2021-34055.patch      | 108 ---------------------
 .../jhead-3.06.0.1-mkstemp-fix-makefile.patch      |  52 ----------
 media-gfx/jhead/jhead-3.06.0.1-r1.ebuild           |  27 ------
 4 files changed, 188 deletions(-)