| Summary: | libexif new security issue CVE-2017-7544 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, herman.viaene, marja11, sysadmin-bugs, tarazed25 |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA5TOO MGA5-32-OK MGA6-64-OK | ||
| Source RPM: | libexif-0.6.21-10.mga7.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2018-01-26 05:30:29 CET
David Walser
2018-01-26 05:30:37 CET
Whiteboard:
(none) =>
MGA6TOO Assigning to all packagers collectively, since there is no registered maintainer for this package. Assignee:
bugsquad =>
pkg-bugs Patched packages uploaded for Mageia 5, Mageia 6, and Cauldron. Advisory: ======================== Updated libexif packages fix security vulnerability: An out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure (CVE-2017-7544). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544 https://lists.opensuse.org/opensuse-updates/2018-01/msg00089.html ======================== Updated packages in core/updates_testing: ======================== libexif12-common-0.6.21-8.2.mga5 libexif12-0.6.21-8.2.mga5 libexif-devel-0.6.21-8.2.mga5 libexif12-common-0.6.21-9.2.mga6 libexif12-0.6.21-9.2.mga6 libexif-devel-0.6.21-9.2.mga6 from SRPMS: libexif-0.6.21-8.2.mga5.src.rpm libexif-0.6.21-9.2.mga6.src.rpm Assignee:
pkg-bugs =>
qa-bugs MGA5-32 on Dell Latitude D600 Xfce No installation issues Ref. bug 22277 Comment 1 for testing. exif displays the info ok. Whiteboard:
MGA5TOO =>
MGA5TOO MGA5-32-OK Mageia 6 :: x86_64
There is a POC for this but the author is very security conscious and has encrypted the details to prevent exploits before the software was patched, so we shall forget about that.
Found a digital camera image and tried exif on that and the information returned looked normal.
Updated the libraries and checked the file again.
$ exif DSCN0329.JPG
EXIF tags in 'DSCN0329.JPG' ('Intel' byte order):
--------------------+----------------------------------------------------------
Tag |Value
--------------------+----------------------------------------------------------
Image Description |
Manufacturer |NIKON
Model |COOLPIX P610
Orientation |Top-left
X-Resolution |300
Y-Resolution |300
...............................................
Exif Version |Exif Version 2.3
Date and Time (Origi|2016:08:09 14:55:02
Date and Time (Digit|2016:08:09 14:55:02
Components Configura|Y Cb Cr -
Compressed Bits per | 4
Exposure Bias |0.00 EV
Maximum Aperture Val|3.40 EV (f/3.2)
Metering Mode |Pattern
Light Source |Unknown
................................................
Focal Length in 35mm|70
Scene Capture Type |Standard
Gain Control |High gain down
Contrast |Normal
Saturation |Normal
Sharpness |Normal
Subject Distance Ran|Unknown
Interoperability Ind|R98
Interoperability Ver|0100
--------------------+----------------------------------------------------------
EXIF data contains a thumbnail (6545 bytes).
Same data. OK for 64 bits.CC:
(none) =>
tarazed25
Len Lawrence
2018-02-05 23:15:03 CET
CC:
(none) =>
sysadmin-bugs
Dave Hodgins
2018-02-06 05:44:22 CET
CC:
(none) =>
davidwhodgins An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0113.html Resolution:
(none) =>
FIXED |