| Summary: | libwmf new security issue CVE-2017-6362 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | lewyssmith, mageia, nicolas.salguero, sysadmin-bugs, wilcal.int |
| Version: | 5 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6TOO MGA5-32-OK MGA5-64-OK MGA6-32-OK MGA6-64-OK | ||
| Source RPM: | libwmf-0.2.8.4-32.4.mga5.src.rpm | CVE: | |
| Status comment: | |||
Description
David Walser
2017-09-14 13:28:11 CEST
David Walser
2017-09-14 13:28:31 CEST
Whiteboard:
(none) =>
MGA6TOO, MGA5TOO

Suggested advisory:
========================

The updated packages fix a security vulnerability:

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. (CVE-2017-6362)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362
========================

Updated packages in 5/core/updates_testing:
========================
libwmf-0.2.8.4-32.5.mga5
lib(64)wmf0.2_7-0.2.8.4-32.5.mga5
lib(64)wmf-devel-0.2.8.4-32.5.mga5

from SRPMS:
libwmf-0.2.8.4-32.5.mga5.src.rpm

Updated packages in 6/core/updates_testing:
========================
libwmf-0.2.8.4-37.1.mga6
lib(64)wmf0.2_7-0.2.8.4-37.1.mga6
lib(64)wmf-devel-0.2.8.4-37.1.mga6

from SRPMS:
libwmf-0.2.8.4-37.1.mga6.src.rpm

Whiteboard:
MGA6TOO, MGA5TOO =>
MGA6TOO

Installed and tested without issues.

Tested using the convert command from the package imagemagick to convert wmf vector images into PNG images and checked that the PNG images looked correct.

Confirmed that the library in question was being used (loaded at least) with strace.

Didn't have any files of this type so I used wmf files downloaded from this site:
http://all-free-download.com/free-vectors/

$ uname -a
Linux marte 4.4.88-desktop-1.mga5 #1 SMP Thu Sep 14 00:03:58 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample.wmf sample.png
$ grep libwmf convert.strace
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-32.5.mga5

CC:
(none) =>
mageia

In VirtualBox, M5.1, KDE, 64-bit
Package(s) under test:
libwmf lib64wmf0.2_7 lib64wmf-devel
default install of libwmf lib64wmf0.2_7 & lib64wmf-devel
[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.4.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-32.4.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-32.4.mga5.x86_64 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-32.5.mga5
install libwmf lib64wmf0.2_7 & lib64wmf-devel from updates_testing
[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-32.5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-32.5.mga5.x86_64 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample2.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-32.5.mga5

CC:
(none) =>
wilcal.int
William Kenney
2017-09-19 19:50:55 CEST
Whiteboard:
MGA6TOO =>
MGA6TOO MGA6-64-OK
William Kenney
2017-09-19 20:11:00 CEST
Whiteboard:
MGA6TOO MGA6-64-OK =>
MGA6TOO MGA5-64-OK

In VirtualBox, M5.1, KDE, 32-bit
Package(s) under test:
libwmf libwmf0.2_7 libwmf-devel
default install of libwmf libwmf0.2_7 & libwmf-devel
[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.4.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-32.4.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-32.4.mga5.i586 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-32.4.mga5
install libwmf libwmf0.2_7 & libwmf-devel from updates_testing
[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.5.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-32.5.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-32.5.mga5.i586 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample2.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-32.5.mga5
William Kenney
2017-09-19 20:32:44 CEST
Whiteboard:
MGA6TOO MGA5-64-OK =>
MGA6TOO MGA5-32-OK MGA5-64-OK

In VirtualBox, M6, Plasma, 64-bit
Package(s) under test:
libwmf lib64wmf0.2_7 lib64wmf-devel
default install of libwmf lib64wmf0.2_7 & lib64wmf-devel
[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-37.mga6.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-37.mga6.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-37.mga6.x86_64 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-37.mga6
install libwmf lib64wmf0.2_7 & lib64wmf-devel from updates_testing
[root@localhost libwmf_files]# urpmi libwmf
Package libwmf-0.2.8.4-37.1.mga6.x86_64 is already installed
[root@localhost libwmf_files]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-37.1.mga6.x86_64 is already installed
[root@localhost libwmf_files]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-37.1.mga6.x86_64 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-37.1.mga6
William Kenney
2017-09-19 23:45:15 CEST
Whiteboard:
MGA6TOO MGA5-32-OK MGA5-64-OK =>
MGA6TOO MGA5-32-OK MGA5-64-OK MGA6-64-OK

In VirtualBox, M6, KDE, 32-bit
Package(s) under test:
libwmf libwmf0.2_7 libwmf-devel
default install of libwmf libwmf0.2_7 & libwmf-devel
[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-37.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-37.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-37.mga6.i586 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-37.mga6
install libwmf libwmf0.2_7 & libwmf-devel from updates_testing
[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-37.1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-37.1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-37.1.mga6.i586 is already installed
$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-37.1.mga6
William Kenney
2017-09-20 00:14:45 CEST
Whiteboard:
MGA6TOO MGA5-32-OK MGA5-64-OK MGA6-64-OK =>
MGA6TOO MGA5-32-OK MGA5-64-OK MGA6-32-OK MGA6-64-OK

Are we good to go on this one David, PC LX?

Sure.

Yes, no issues here.

This update works fine.
Testing complete for MGA5, 32-bit & 64-bit
Validating the update.
Could someone from the sysadmin team push to updates.
Thanks

Keywords:
(none) =>
validated_update

Advisory from comments 1 & 0.

Keywords:
(none) =>
advisory

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2017-0351.html

Status:
ASSIGNED =>
RESOLVED
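
The strace check used in the test comments above, as an added example that is not part of the original bug report: `grep libwmf` also matches the `getcwd` line (the working directory is named `libwmf_files`) and would match failed library probes, so this helper keeps only shared objects that `open`/`openat` actually returned a file descriptor for. The function names and the sample trace are constructed for illustration, and the trace is assumed to come from `strace -o` without `-f`.

```shell
#!/bin/sh
# Added example: list shared objects that a traced process really loaded.
# Reads `strace -o FILE` output (no -f, so lines start with the syscall name).

# loaded_libs STEM < trace
# Prints each distinct path whose file name starts with STEM, contains ".so",
# and was opened successfully by open()/openat().
loaded_libs() {
    awk -v stem="$1" '
        # Only open/openat calls whose return value is a file descriptor;
        # failed probes end in "-1 ENOENT (...)" and are skipped.
        /^(open|openat)\(/ && $NF ~ /^[0-9]+$/ {
            if (!match($0, /"[^"]+"/)) next
            path = substr($0, RSTART + 1, RLENGTH - 2)
            n = split(path, parts, "/")
            base = parts[n]
            if (index(base, stem) == 1 && base ~ /\.so(\.|$)/ && !seen[path]++)
                print path
        }
    '
}

# Constructed sample trace, modelled on the lines quoted in the comments.
sample_trace() {
    cat <<'EOF'
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/usr/lib64/tls/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
open("/home/wilcal/libwmf_files/sample1.wmf", O_RDONLY) = 4
EOF
}

sample_trace | loaded_libs libwmf
```

Each printed path can then be passed to `rpm -qf`, as the testers do, to check that the owning package is the build from updates_testing.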