13218 – openjpeg new security issue CVE-2014-0158

Bug 13218 - openjpeg new security issue CVE-2014-0158

Summary: openjpeg new security issue CVE-2014-0158

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	4
Hardware:	i586 Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/595038/
Whiteboard:	MGA3TOO has_procedure advisory mga3-3...
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2014-04-15 20:14 CEST by David Walser
Modified:	2014-04-17 22:38 CEST (History)
CC List:	2 users (show)

See Also:
Source RPM:	openjpeg-1.5.1-4.mga4.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2014-04-15 20:14:24 CEST

Fedora has issued an advisory on April 4:
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131474.html

Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Advisory:
========================

Updated openjpeg packages fix security vulnerability:

A heap-based buffer overflow was found in the way openjpeg parsed certain
image files from a JPEG2000 image. If a specially-crafted image were opened
by an application linked against OpenJPEG, it could cause the application to
crash or, potentially, execute arbitrary code with the privileges of the user
running the application (CVE-2014-0158).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0158
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131474.html
========================

Updated packages in core/updates_testing:
========================
openjpeg-1.5.1-3.2.mga3
libopenjpeg5-1.5.1-3.2.mga3
libopenjpeg-devel-1.5.1-3.2.mga3
openjpeg-1.5.1-4.1.mga4
libopenjpeg5-1.5.1-4.1.mga4
libopenjpeg-devel-1.5.1-4.1.mga4

from SRPMS:
openjpeg-1.5.1-3.2.mga3.src.rpm
openjpeg-1.5.1-4.1.mga4.src.rpm

Reproducible: 

Steps to Reproduce:

David Walser 2014-04-15 20:14:30 CEST

Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2014-04-16 15:23:38 CEST

The patch is to j2k.c, so these sample test procedures should help:
http://www.openjpeg.org/index.php?menu=samples

(I found that in Bug 7510).

Whiteboard: MGA3TOO => MGA3TOO has_procedure

Comment 2 claire robinson 2014-04-16 16:46:27 CEST

Testing complete mga4 64

$ image_to_j2k -i Bretagne1.ppm -o Bretagne1.j2k -r 200,50,10

[INFO] tile number 1 / 1
[INFO] - tile encoded in 0.236000 s
Generated outfile Bretagne1.j2k


Testing the others shortly.

Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure mga4-64-ok

Comment 3 claire robinson 2014-04-16 17:01:02 CEST

Testing complete mga-all-the-others

Whiteboard: MGA3TOO has_procedure mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok

Comment 4 claire robinson 2014-04-16 17:03:43 CEST

Advisory uploaded. Validating.

Could sysadmin please push to 3 & 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

David Walser 2014-04-17 00:19:41 CEST

URL: (none) => http://lwn.net/Vulnerabilities/595038/

Comment 5 Thomas Backlund 2014-04-17 22:38:01 CEST

Update pushed:
http://advisories.mageia.org/MGASA-2014-0182.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.