Bug 20616

Summary: jhead new security issue CVE-2016-3822
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: davidwhodgins, jani.valimaa, marja11, sysadmin-bugs
Version: CauldronKeywords: Triaged, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5TOO advisory MGA5-64-OK MGA5-32-OK
Source RPM: jhead-3.00-2.mga6.src.rpm CVE:
Status comment:

Description David Walser 2017-04-01 21:38:09 CEST 
Debian has issued an advisory on March 31:
https://www.debian.org/security/2017/dsa-3825

Mageia 5 is also affected.
David Walser 2017-04-01 21:38:16 CEST

Whiteboard: (none) => MGA5TOO

Marja Van Waes 2017-04-01 23:20:59 CEST

Keywords: (none) => Triaged
CC: (none) => marja11
Assignee: bugsquad => jani.valimaa

Comment 1 Jani Välimaa 2017-04-02 12:21:42 CEST 
Fixed in cauldron[1] and in mga5[2] core/updates_testing.

[1] jhead-3.00-3.mga6
[2] jhead-2.97-4.1.mga5

CC: (none) => jani.valimaa
Assignee: jani.valimaa => qa-bugs

Comment 2 Dave Hodgins 2017-04-04 03:45:47 CEST 
No POC image provided, so just testing that the update installs cleanly and
a basic function works.

$ jhead /usr/share/doc/fontforge/htdocs/MetalType.jpeg|grep Comment
Comment      : Created with The GIMP

Same output on Mageia 5 i586, x86_64, both before and after the update.

Validating the update.

Advisory loaded to svn with ...
$ cat 20616.adv 
type: security
subject: Updated jhead packages fix security vulnerability
CVE:
 - CVE-2016-3822
src:
  5:
   core:
     - jhead-2.97-4.1.mga5
description: |
  It was discovered that jhead, a tool to manipulate the non-image part of
  EXIF compliant JPEG files, is prone to an out-of-bounds access
  vulnerability, which may result in denial of service or, potentially, the
  execution of arbitrary code if an image with specially crafted EXIF data
  is processed.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20616
 - https://www.debian.org/security/2017/dsa-3825
 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858213

Keywords: (none) => validated_update
Whiteboard: MGA5TOO => MGA5TOO advisory MGA5-64-OK MGA5-32-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 3 Mageia Robot 2017-04-04 08:45:08 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0105.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED