CVEs were assigned for some out-of-bounds memory reads fixed in ImageMagick: http://openwall.com/lists/oss-security/2014/10/29/5 The CVE-2014-8355 issue also affected, and was fixed in, GraphicsMagick: http://seclists.org/fulldisclosure/2014/Nov/1 There is also PoC information in that message. ImageMagick is being handled in Bug 14526. Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron. Advisory: ======================== Updated graphicsmagick packages fix security vulnerability: GraphicsMagick is vulnerable to an out of bounds read / heap Overflow in the function ReadPCXImage in the file pcx.c. This can be exploited by a crafted image file to cause a denial of service (CVE-2014-8355). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8355 http://seclists.org/fulldisclosure/2014/Nov/1 ======================== Updated packages in core/updates_testing: ======================== graphicsmagick-1.3.17-2.4.mga3 libgraphicsmagick3-1.3.17-2.4.mga3 libgraphicsmagickwand2-1.3.17-2.4.mga3 libgraphicsmagick-devel-1.3.17-2.4.mga3 perl-Graphics-Magick-1.3.17-2.4.mga3 graphicsmagick-doc-1.3.17-2.4.mga3 graphicsmagick-1.3.18-3.3.mga4 libgraphicsmagick3-1.3.18-3.3.mga4 libgraphicsmagickwand2-1.3.18-3.3.mga4 libgraphicsmagick-devel-1.3.18-3.3.mga4 perl-Graphics-Magick-1.3.18-3.3.mga4 graphicsmagick-doc-1.3.18-3.3.mga4 from SRPMS: graphicsmagick-1.3.17-2.4.mga3.src.rpm graphicsmagick-1.3.18-3.3.mga4.src.rpm Reproducible: Steps to Reproduce:
Testing procedure: https://wiki.mageia.org/en/QA_procedure:GraphicsMagick Also note the PoC information referenced in Comment 0.
Whiteboard: (none) => MGA3TOO has_procedure
I wasn't able to reproduce a crash with the PoC before the update. After the update, gm says "Improper image header" and "Request did not return an image." I guess this is the intended behavior, identifying it as an invalid image file. Marking OK for Mageia 3 i586 and Mageia 4 i586.
Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure MGA3-32-OK MGA4-32-OK
Advisory uploaded.
CC: (none) => remiWhiteboard: MGA3TOO has_procedure MGA3-32-OK MGA4-32-OK => MGA3TOO has_procedure MGA3-32-OK MGA4-32-OK advisory
Testing on Magaeia4 x86_64 Did not try the older version beforehand. The tests from the procedure linked in comment 1 all went well. Marking this OK for 64bit.
CC: (none) => tarazed25Whiteboard: MGA3TOO has_procedure MGA3-32-OK MGA4-32-OK advisory => MGA3TOO has_procedure MGA3-32-OK MGA4-32-OK advisory MGA4-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Update ID assignment failed Checking for QA validation keyword⦠â Checking dependent bugs⦠â (None found) Checking SRPMs⦠â (4/core/graphicsmagick-1.3.18-3.3.mga4) â 'validated_update' keyword reset.
Keywords: validated_update => (none)
The SRPM name is correct. Someone manually removed all of the SRPMS from Mageia 4 updates_testing (!). Hopefully Colin can restore them.
Keywords: (none) => validated_update
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2014-0484.html
Status: NEW => RESOLVEDResolution: (none) => FIXED