Bug 13218 - openjpeg new security issue CVE-2014-0158
Summary: openjpeg new security issue CVE-2014-0158
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: i586 Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/595038/
Whiteboard: MGA3TOO has_procedure advisory mga3-3...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-04-15 20:14 CEST by David Walser
Modified: 2014-04-17 22:38 CEST (History)
2 users (show)

See Also:
Source RPM: openjpeg-1.5.1-4.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2014-04-15 20:14:24 CEST
Fedora has issued an advisory on April 4:
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131474.html

Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Advisory:
========================

Updated openjpeg packages fix security vulnerability:

A heap-based buffer overflow was found in the way openjpeg parsed certain
image files from a JPEG2000 image. If a specially-crafted image were opened
by an application linked against OpenJPEG, it could cause the application to
crash or, potentially, execute arbitrary code with the privileges of the user
running the application (CVE-2014-0158).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0158
https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131474.html
========================

Updated packages in core/updates_testing:
========================
openjpeg-1.5.1-3.2.mga3
libopenjpeg5-1.5.1-3.2.mga3
libopenjpeg-devel-1.5.1-3.2.mga3
openjpeg-1.5.1-4.1.mga4
libopenjpeg5-1.5.1-4.1.mga4
libopenjpeg-devel-1.5.1-4.1.mga4

from SRPMS:
openjpeg-1.5.1-3.2.mga3.src.rpm
openjpeg-1.5.1-4.1.mga4.src.rpm

Reproducible: 

Steps to Reproduce:
David Walser 2014-04-15 20:14:30 CEST

Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2014-04-16 15:23:38 CEST
The patch is to j2k.c, so these sample test procedures should help:
http://www.openjpeg.org/index.php?menu=samples

(I found that in Bug 7510).

Whiteboard: MGA3TOO => MGA3TOO has_procedure

Comment 2 claire robinson 2014-04-16 16:46:27 CEST
Testing complete mga4 64

$ image_to_j2k -i Bretagne1.ppm -o Bretagne1.j2k -r 200,50,10

[INFO] tile number 1 / 1
[INFO] - tile encoded in 0.236000 s
Generated outfile Bretagne1.j2k


Testing the others shortly.

Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure mga4-64-ok

Comment 3 claire robinson 2014-04-16 17:01:02 CEST
Testing complete mga-all-the-others

Whiteboard: MGA3TOO has_procedure mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok

Comment 4 claire robinson 2014-04-16 17:03:43 CEST
Advisory uploaded. Validating.

Could sysadmin please push to 3 & 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

David Walser 2014-04-17 00:19:41 CEST

URL: (none) => http://lwn.net/Vulnerabilities/595038/

Comment 5 Thomas Backlund 2014-04-17 22:38:01 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2014-0182.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.