| Summary: | jhead new security issues CVE-2018-16554 and CVE-2018-17088 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, geiger.david68210, herman.viaene, lewyssmith, sysadmin-bugs |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6-32-OK MGA6-64-OK | ||
| Source RPM: | jhead-3.00-5.mga7.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2018-10-13 00:00:26 CEST
David Walser
2018-10-13 00:00:38 CEST
Whiteboard:
(none) =>
MGA6TOO Done for Cauldron and mga6! CC:
(none) =>
geiger.david68210 Advisory: ======================== Updated jhead package fixes security vulnerability: The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling (CVE-2018-16554). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16554 https://lists.opensuse.org/opensuse-updates/2018-09/msg00142.html ======================== Updated packages in core/updates_testing: ======================== jhead-3.00-3.2.mga6 from jhead-3.00-3.2.mga6.src.rpm Whiteboard:
MGA6TOO =>
(none) MGA6-32 MATE on IBM Thinkpad R50e
No installation issues
$ jhead -v p4090005.jpg
Exif header 24574 bytes long
Exif section in Intel order
(dir has 12 entries)
ImageDescription = "OLYMPUS DIGITAL CAMERA "
Make = "OLYMPUS IMAGING CORP. "
Model = "E-500 "
Orientation = 1
XResolution = 314/1
YResolution = 314/1
and loads more
$ jhead -v dsc00107.jpg
Exif header 15865 bytes long
Exif section in Intel order
(dir has 11 entries)
ImageDescription = " "
Make = "SONY"
Model = "DSC-P200"
Orientation = 1
XResolution = 72/1
YResolution = 72/1
etc.....
Looks goodCC:
(none) =>
herman.viaene openSUSE has issued an advisory today (October 26): https://lists.opensuse.org/opensuse-updates/2018-10/msg00198.html It fixes an additional issue. CC:
(none) =>
qa-bugs Fixed both Cauldron and mga6! Advisory: ======================== Updated jhead package fixes security vulnerability: The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling (CVE-2018-16554). The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length (CVE-2018-17088). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16554 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17088 https://lists.opensuse.org/opensuse-updates/2018-09/msg00142.html https://lists.opensuse.org/opensuse-updates/2018-10/msg00198.html ======================== Updated packages in core/updates_testing: ======================== jhead-3.00-3.3.mga6 from jhead-3.00-3.3.mga6.src.rpm Whiteboard:
MGA6-32-OK =>
(none) MGA6-32 MATE on IBM Thinkpad R50e No installation issues At CLI: $ jhead 34815438.jpg File name : 34815438.jpg File size : 131213 bytes File date : 2016:05:12 19:43:56 Resolution : 500 x 375 JPEG Quality : 96 this is a file which is the result of various format conversions, so OK for me. $ jhead p4090007.jpg File name : p4090007.jpg File size : 4898553 bytes File date : 2016:05:12 19:43:57 Camera make : OLYMPUS IMAGING CORP. Camera model : E-500 Date/Time : 2006:04:09 15:13:12 Resolution : 3264 x 2448 Flash used : No (auto) Focal length : 24.0mm Exposure time: 0.167 s (1/6) Aperture : f/4.2 ISO equiv. : 100 Whitebalance : Auto Metering Mode: pattern Exposure : Creative Program (based towards depth of field) JPEG Quality : 100 this is a genuine picture downloaded from a camera. OK . Whiteboard:
(none) =>
MGA6-32-OK Installed 64-bit version, then updated it. Package installed cleanly. I was going to validate on that basis alone, but decided to give it a quick try on an old photo, anyway. jhead p4230003.jpg File name : p4230003.jpg File size : 377160 bytes File date : 2009:04:23 13:40:46 Camera make : OLYMPUS OPTICAL CO.,LTD Camera model : C860L,D360L Date/Time : 2009:04:23 13:40:46 Resolution : 1280 x 960 Flash used : Yes Focal length : 5.5mm Exposure time: 0.033 s (1/30) Aperture : f/11.0 ISO equiv. : 125 Metering Mode: pattern Exposure : program (auto) JPEG Quality : 95 A genuine photo, downloaded years ago, from a camera I no longer use. OK here for 64-bit. Validating. Advisory in Comment 6. Whiteboard:
MGA6-32-OK =>
MGA6-32-OK MGA-64-OK Corrected TJ's x64 OK. Advisoried from c6. Keywords:
(none) =>
advisory Oops. An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0457.html Resolution:
(none) =>
FIXED |