| Summary: | libtiff new security issue CVE-2022-3970 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, nicolas.salguero, sysadmin-bugs, tarazed25 |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | libtiff-4.2.0-1.10.mga8.src.rpm | CVE: | CVE-2022-3970 |
| Status comment: | |||
| Bug Depends on: | 31189 | ||
| Bug Blocks: | |||
|
Description
David Walser
2022-11-25 17:08:13 CET
David Walser
2022-11-25 17:08:20 CET
Whiteboard:
(none) =>
MGA8TOO Suggested advisory: ======================== The updated packages fix security vulnerabilities: A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. (CVE-2022-3970) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970 https://ubuntu.com/security/notices/USN-5743-1 ======================== Updated packages in core/updates_testing: ======================== lib(64)tiff5-4.2.0-1.11.mga8 lib(64)tiff-devel-4.2.0-1.11.mga8 lib(64)tiff-static-devel-4.2.0-1.11.mga8 libtiff-progs-4.2.0-1.11.mga8 from SRPM: libtiff-4.2.0-1.11.mga8.src.rpm Version:
Cauldron =>
8 mageia8, x64 Clean update. Repeated tests from earlier report, bug 30228. Opened an image of mountain valley and used darktable to generate a copy with a misty appearance and lightened the scene a little. $ strace -o darktable.trace darktable glenshiel.tiff openat(AT_FDCWD, "/lib64/libtiff.so.5", O_RDONLY|O_CLOEXEC) = 3 Using an earlier raw to tiff conversion. $ tiffgt RAW_FUJI_X-T10.tif That displayed perfectly. Manipulated a TIFF image in nomacs, generating an inverted image and a magnified image as PNG and JPEG. $ strace -o nomacs.trace nomacs anna.tif $ grep libtiff nomacs.trace openat(AT_FDCWD, "/lib64/libtiff.so.5", O_RDONLY|O_CLOEXEC) = 3 $ tiffsplit greycombo.tif m Dumped the image stack as files maaa.tif, maab.tif ..... $ tifftopnm lena_color.tiff > lena.pnm tifftopnm: writing PPM file $ tiffcrop -E top -U px -m 100,100,100,100 SantaMaria.tif cropped.tif $ tiffgt cropped.tif showed a copy of the original with a border removed. No regressions in any of this. CC:
(none) =>
tarazed25 Validating. Advisory in comment 1. Keywords:
(none) =>
validated_update Updated packages in core/updates_testing: ======================== lib(64)tiff5-4.2.0-1.12.mga8 lib(64)tiff-devel-4.2.0-1.12.mga8 lib(64)tiff-static-devel-4.2.0-1.12.mga8 libtiff-progs-4.2.0-1.12.mga8 from SRPM: libtiff-4.2.0-1.12.mga8.src.rpm Whiteboard:
MGA8-64-OK =>
(none) This additional update was necessary because of the update to jbigkit in bug 31189. After updating jbigkit I used qarepo to update to the packages in Comment 4. There were no installation issues. urpmq --whatrequires lib64tiff5 produces a long list, including imagemagick and gwenview. Using an updated imagemagick (bug 29054) to convert a jpg image to tif, and in addition to convert the tif image to pbg. The imagemagick display function displayed all three images correctly. Gwenview displays the jpg and tif images, but cannot handle the jbg image, as is normal behavior. Restoring the OK, and the validation. Advisory information in Comment 1, with additional information at the beginning of this comment. Keywords:
(none) =>
validated_update
Dave Hodgins
2022-12-04 00:17:16 CET
CC:
(none) =>
davidwhodgins An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0448.html Resolution:
(none) =>
FIXED |