Bug 15910

Summary: libraw, dcraw, ufraw, rawtherapee, kodi, darktable new integer overflow security issue (CVE-2015-3885)
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: anssi.hannula, fundawang, jani.valimaa, rverschelde, shlomif
Version: 4   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/644511/
Whiteboard:
Source RPM: libraw, dcraw, ufraw, rawtherapee, kodi, darktable CVE:
Status comment:
Bug Depends on: 15915, 15925, 15926, 15927, 15928    
Bug Blocks:    

Description David Walser 2015-05-11 21:13:04 CEST 
An advisory has been issued today (May 11):
http://www.ocert.org/advisories/ocert-2015-006.html

We have another monster libraw bug like Bug 11149.

I have committed the libraw 0.16.1 update in Cauldron and asked for a freeze push.

Reproducible: 

Steps to Reproduce:
David Walser 2015-05-11 21:13:32 CEST

CC: (none) => anssi.hannula, fundawang, jani.valimaa, rverschelde, shlomif
Whiteboard: (none) => MGA5TOO, MGA4TOO

Comment 1 David Walser 2015-05-11 23:46:55 CEST 
Just for future reference, libraw-0.16.1 is pushed in mga5/Cauldron.  Plenty more work to go :o)
Comment 2 Shlomi Fish 2015-05-12 13:30:01 CEST 
I applied a patch to it in dcraw-9.22-4.mga5.src.rpm but it still needs to be pushed.
Rémi Verschelde 2015-05-12 14:44:20 CEST

Blocks: (none) => 15915

Rémi Verschelde 2015-05-12 14:44:41 CEST

Blocks: 15915 => (none)
Depends on: (none) => 15915

Comment 3 David Walser 2015-05-12 22:40:26 CEST 
dcraw-9.22-4.mga5 and darktable-1.6.6-1.mga5 uploaded for Cauldron.
Comment 4 David Walser 2015-05-12 23:15:09 CEST 
CVE-2015-3885 has been assigned:
http://openwall.com/lists/oss-security/2015/05/12/8

Summary: libraw, dcraw, ufraw, rawtherapee, kodi, darktable new integer overflow security issue => libraw, dcraw, ufraw, rawtherapee, kodi, darktable new integer overflow security issue (CVE-2015-3885)

Comment 5 David Walser 2015-05-13 00:18:38 CEST 
Patches checked into Mageia 4 and Cauldron SVN for ufraw and rawtherapee.  Freeze pushes requested.
Comment 6 David Walser 2015-05-13 00:24:39 CEST 
Patch checked into Mageia 4 SVN for libraw.

Everything is at least patched in SVN and freeze push requested except for kodi.
Comment 7 David Walser 2015-05-13 15:39:03 CEST 
ufraw-0.19.2-10.mga5 and rawtherapee-4.1-4.mga5 uploaded for Cauldron.
David Walser 2015-05-13 16:18:47 CEST

Depends on: (none) => 15925

David Walser 2015-05-13 16:18:55 CEST

Depends on: (none) => 15926

David Walser 2015-05-13 16:19:03 CEST

Depends on: (none) => 15927

David Walser 2015-05-13 16:21:35 CEST

Depends on: (none) => 15928

Comment 8 David Walser 2015-05-13 16:22:33 CEST 
Solved for everything except for xbmc/kodi.

Version: Cauldron => 4
Whiteboard: MGA5TOO, MGA4TOO => (none)

Comment 9 David Walser 2015-05-13 20:28:03 CEST 
I'm going to close the tracker since we have all we need in Bugzilla in the remaining xbmc/kodi bug.

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2015-05-14 17:35:54 CEST

URL: (none) => http://lwn.net/Vulnerabilities/644511/