| Summary: | libextractor new security issue CVE-2017-17440 | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | | |
| Priority: | Normal | CC: | davidwhodgins, geiger.david68210, herman.viaene, marja11, sysadmin-bugs |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | MGA5TOO MGA5-32-OK MGA6-64-OK | | |
| Source RPM: | libextractor-1.6-1.mga6.src.rpm | CVE: | |
| Status comment: | | | |
Description
David Walser
2017-12-20 00:20:09 CET

David Walser
2017-12-20 00:20:23 CET
CC: (none) => geiger.david68210

Assigning to the registered maintainer.
CC: (none) => marja11

Advisory:

========================

Updated libextractor packages fix security vulnerability:

GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c (CVE-2017-17440).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17440
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/M3U4WCFHXI3CPXBAGROGSUWCMG2M4FFG/

========================

Updated packages in core/updates_testing:

========================

extract-1.6-1.1.mga5
libextractor-common-1.6-1.1.mga5
libextractor3-1.6-1.1.mga5
libextractor_common1-1.6-1.1.mga5
libextractor-devel-1.6-1.1.mga5
extract-1.6-1.1.mga6
libextractor-common-1.6-1.1.mga6
libextractor3-1.6-1.1.mga6
libextractor_common1-1.6-1.1.mga6
libextractor-devel-1.6-1.1.mga6

from SRPMS:
libextractor-1.6-1.1.mga5.src.rpm
libextractor-1.6-1.1.mga6.src.rpm

Whiteboard: MGA6TOO, MGA5TOO => MGA5TOO

MGA5-32 on Dell Latitude D600 Xfce
No installation issues
Tried the command

```
$ extract 1973.jpg
Trefwoorden voor bestand 1973.jpg:
MIME-type - image/jpeg
afbeeldingsafmetingen - 2904x4208
opmerking - Created with GIMP
$ extract P7212389.ORF
Trefwoorden voor bestand P7212389.ORF:
MIME-type - image/x-olympus-orf
$ extract kursustekst.pdf
Trefwoorden voor bestand kursustekst.pdf:
MIME-type - application/pdf
door software geproduceerd - GPL Ghostscript 9.22
aanmaakdatum - Wed Nov 29 15:19:20 2017
wijzigingsdatum - Wed Nov 29 15:19:20 2017
aantal bladzijden - 84
encoder-versie - 1.4
$ extract POWERPOINT\ Aperitiefontmoeting.odp
Trefwoorden voor bestand POWERPOINT Aperitiefontmoeting.odp:
MIME-type - application/vnd.oasis.opendocument.presentation
ingebedde bestandsnaam - mimetype
ingebedde bestandsnaam - Thumbnails/thumbnail.png
ingebedde bestandsnaam - meta.xml
ingebedde bestandsnaam - settings.xml
ingebedde bestandsnaam - Pictures/TablePreview1.svm
ingebedde bestandsnaam - Configurations2/floater/
ingebedde bestandsnaam - Configurations2/accelerator/current.xml
ingebedde bestandsnaam - Configurations2/toolpanel/
ingebedde bestandsnaam - Configurations2/progressbar/
ingebedde bestandsnaam - Configurations2/statusbar/
ingebedde bestandsnaam - Configurations2/images/Bitmaps/
ingebedde bestandsnaam - Configurations2/popupmenu/
ingebedde bestandsnaam - Configurations2/menubar/
ingebedde bestandsnaam - Configurations2/toolbar/
ingebedde bestandsnaam - META-INF/manifest.xml
ingebedde bestandsnaam - content.xml
ingebedde bestandsnaam - styles.xml
indeling - ZIP 2.0 (uncompressed)
MIME-type - application/vnd.oasis.opendocument.presentation
door software gemaakt - LibreOffice/4.4.7.2$Linux_X86_64 LibreOffice_project/40$Build-2
onbekende datum - 2016-02-24T13:28:15.156288859
titel - PowerPoint-presentatie
```

Looks all good to me.
CC: (none) => herman.viaene

Dave Hodgins
2018-01-01 08:04:29 CET
Keywords: (none) => advisory

Confirmed extract is working for various image formats. Validating the update.
Whiteboard: MGA5TOO MGA5-32-OK => MGA5TOO MGA5-32-OK MGA6-64-OK

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0043.html
Resolution: (none) => FIXED