Bug 19243

Summary: lcms2 new out-of-bounds read security issue (CVE-2016-10165)
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: davidwhodgins, sysadmin-bugs
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/698139/
Whiteboard: advisory, MGA5-64-OK
Source RPM: lcms2-2.6-3.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-08-24 17:31:56 CEST 
Fedora has issued an advisory today (August 24):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XXIGDG5IN54AHOOKCR6EFRN6MGRIFLXY/

The issue is fixed upstream in 2.8 (already in Cauldron).

Patched package uploaded for Mageia 5.

Advisory:
========================

Updated lcms2 packages fix security vulnerability:

An out-of-bounds read in cmstypes.c in Type_MLU_Read function was found,
leading to heap memory leak triggered by crafted ICC profile (rhbz#1367357).

References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XXIGDG5IN54AHOOKCR6EFRN6MGRIFLXY/
========================

Updated packages in core/updates_testing:
========================
lcms2-2.6-3.1.mga5
liblcms2_2-2.6-3.1.mga5
liblcms2-devel-2.6-3.1.mga5

from lcms2-2.6-3.1.mga5.src.rpm
Comment 1 Dave Hodgins 2016-09-07 03:10:04 CEST 
Just testing that the commands such as
jpgicc2 snow-12hours.jpg tst.jpg
work and the output is viewable.

Keywords: (none) => validated_update
Whiteboard: (none) => advisory, MGA5-64-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 2 Mageia Robot 2016-09-16 11:28:08 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0303.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 3 David Walser 2017-01-23 12:04:03 CET 
CVE request:
http://openwall.com/lists/oss-security/2017/01/23/1
Comment 4 David Walser 2017-01-25 23:39:22 CET 
(In reply to David Walser from comment #3)
> CVE request:
> http://openwall.com/lists/oss-security/2017/01/23/1

CVE-2016-10165:
http://openwall.com/lists/oss-security/2017/01/25/14

Summary: lcms2 new out-of-bounds read security issue => lcms2 new out-of-bounds read security issue (CVE-2016-10165)