| Summary: | pngcheck new security issue rhbz#1902806 (CVE-2020-35511) | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | andrewsfarm, mageia, ouaurelien, sysadmin-bugs, tarazed25 |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK | ||
| Source RPM: | pngcheck-2.3.0-4.1.mga7.src.rpm | CVE: | |
| Status comment: | |||
Description
David Walser
2020-12-24 16:44:24 CET
David Walser
2020-12-24 16:44:41 CET
Whiteboard: (none) => MGA7TOO

cauldron does not seem to be affected:
"pngcheck versions 2.4.0 and earlier have a number of buffer-overrun bugs, most (but not all) of which are related to the -f option ("force continued parsing after major errors"). As such, the option has been removed altogether in version 3.0.0 (which is the reason for the major-version bump), released on 12 December 2020. All known vulnerabilities are fixed in this version, but the code is pretty crufty, so it would be safest to assume there are still some problems hidden in there. As always, use at your own risk."

CC: (none) => mageia

new version in mga7:
src:
pngcheck-3.0.0-1.mga7

Assignee: zen25000 => qa-bugs

Advisory:
========================
Updated pngcheck package fixes security vulnerabilities:
Multiple buffer overflow flaws were found in pngcheck 2.4.0 and older (rhbz#1902806).
References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JII3RE2ULIVFVHUICD6G6VSJHJGEZBX7/
========================
Updated packages in core/updates_testing:
========================
pngcheck-3.0.0-1.mga7
from pngcheck-3.0.0-1.mga7.src.rpm

mga7, x64
Ran pngcheck without arguments on a collection of 80 PNG images, most of which passed. There were a few with errors, all of this sort:
Tatiana.png illegal (unless recently approved) unknown, public chunk eXIf
ERROR: Tatiana.png
Updated the package.
Ran the previous test:
$ pngcheck *.png
OK: audio.png (48x48, 32-bit RGB+alpha, non-interlaced, 53.7%).
OK: bg.png (512x400, 32-bit RGB+alpha, non-interlaced, 83.8%).
OK: bugz.png (566x357, 24-bit RGB, non-interlaced, 94.4%).
[...]
OK: xa4.png (512x512, 8-bit grayscale, non-interlaced, 38.9%).
No errors were detected in 80 of the 80 files tested.
$ pngcheck -p OrphanBlack.png
File: OrphanBlack.png (959909 bytes)
OK: OrphanBlack.png (1080x761, 24-bit RGB, non-interlaced, 61.1%).
$ pngcheck -t loch.png
File: loch.png (3259663 bytes)
JPEG-Quality:
75
JPEG-Colorspace:
2
JPEG-Colorspace-Name:
RGB
JPEG-Sampling-factors:
2x2,1x1,1x1
EXIF:Orientation:
1
OK: loch.png (2000x1500, 24-bit RGB, non-interlaced, 63.8%).
Good enough.

Whiteboard: (none) => MGA7-64-OK

Validating. Advisory in Comment 3.

CC: (none) => andrewsfarm, sysadmin-bugs

Advisory pushed to SVN.

Keywords: (none) => advisory

An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2020-0479.html

Resolution: (none) => FIXED

This is CVE-2020-35511:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4HVZNA3VAYHKC5NXBYOOMUZSZNOXRCF7/

Summary: pngcheck new security issue rhbz#1902806 => pngcheck new security issue rhbz#1902806 (CVE-2020-35511)