Bug 13218

Summary: openjpeg new security issue CVE-2014-0158
Product: Mageia
Reporter: David Walser <luigiwalser>
Component: Security
Assignee: QA Team <qa-bugs>
Status: RESOLVED FIXED
QA Contact: Sec team <security>
Severity: major
Priority: Normal
CC: sysadmin-bugs, tmb
Version: 4
Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/595038/
Whiteboard: MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
Source RPM: openjpeg-1.5.1-4.mga4.src.rpm

Description David Walser 2014-04-15 20:14:24 CEST
Fedora has issued an advisory on April 4:
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131474.html

Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Advisory:
========================

Updated openjpeg packages fix security vulnerability:

A heap-based buffer overflow was found in the way openjpeg parsed certain
image files from a JPEG2000 image. If a specially-crafted image were opened
by an application linked against OpenJPEG, it could cause the application to
crash or, potentially, execute arbitrary code with the privileges of the user
running the application (CVE-2014-0158).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0158
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131474.html
========================

Updated packages in core/updates_testing:
========================
openjpeg-1.5.1-3.2.mga3
libopenjpeg5-1.5.1-3.2.mga3
libopenjpeg-devel-1.5.1-3.2.mga3
openjpeg-1.5.1-4.1.mga4
libopenjpeg5-1.5.1-4.1.mga4
libopenjpeg-devel-1.5.1-4.1.mga4

from SRPMS:
openjpeg-1.5.1-3.2.mga3.src.rpm
openjpeg-1.5.1-4.1.mga4.src.rpm

David Walser 2014-04-15 20:14:30 CEST

Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2014-04-16 15:23:38 CEST
The patch is to j2k.c, so these sample test procedures should help:
http://www.openjpeg.org/index.php?menu=samples

(I found that in Bug 7510).

Whiteboard: MGA3TOO => MGA3TOO has_procedure

Comment 2 claire robinson 2014-04-16 16:46:27 CEST
Testing complete mga4 64

$ image_to_j2k -i Bretagne1.ppm -o Bretagne1.j2k -r 200,50,10

[INFO] tile number 1 / 1
[INFO] - tile encoded in 0.236000 s
Generated outfile Bretagne1.j2k


Testing the others shortly.

Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure mga4-64-ok

Comment 3 claire robinson 2014-04-16 17:01:02 CEST
Testing complete mga-all-the-others

Whiteboard: MGA3TOO has_procedure mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok

Comment 4 claire robinson 2014-04-16 17:03:43 CEST
Advisory uploaded. Validating.

Could sysadmin please push to 3 & 4 updates?

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

David Walser 2014-04-17 00:19:41 CEST

URL: (none) => http://lwn.net/Vulnerabilities/595038/

Comment 5 Thomas Backlund 2014-04-17 22:38:01 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2014-0182.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED