+++ This bug was initially created as a clone of Bug #15910 +++ An advisory has been issued today (May 11): http://www.ocert.org/advisories/ocert-2015-006.html Darktable 1.2.3-4.2 in Mageia 4 and 1.6.3-1 in Mageia 5 both bundle libraw 0.14.7 and are therefore also vulnerable.
Blocks: (none) => 15910Depends on: 15910 => (none)Source RPM: libraw, dcraw, ufraw, rawtherapee, kodi, darktable => darktable
Removing unneeded CCs, it looks like cloning bug 15910 was not the best procedure :)
CC: anssi.hannula, fundawang, jani.valimaa, rverschelde, shlomif => (none)
Assignee: bugsquad => rverschelde
darktable-1.2.3-4.3.mga4 submitted to Mageia 4 core/updates_testing. Freeze push requested for darktable-1.6.6-1.mga5 with the same patch.
Whiteboard: (none) => MGA4TOO
darktable-1.6.6-1.mga5 has been freeze pushed and should fix the issue for Mageia 5.
Version: Cauldron => 4Whiteboard: MGA4TOO => (none)
Assigning to QA. Suggested advisory: =================== Updated darktable package fixes security vulnerability The dcraw tool bundled in darktable's libraw copy suffers from an integer overflow condition which leads to a buffer overflow. A maliciously crafted raw image file can be used to trigger the vulnerability, causing a Denial of Service condition. The bundled dcraw code has been patched to fix this vulnerability. References: - http://www.ocert.org/advisories/ocert-2015-006.html - https://bugs.mageia.org/show_bug.cgi?id=15910 - https://bugs.mageia.org/show_bug.cgi?id=15915 SRPM: ===== - darktable-1.2.3-4.3.mga4 RPM: ==== - darktable-1.2.3-4.3.mga4
Assignee: rverschelde => qa-bugs
Please add the CVE to the advisory (CVE-2015-3885). You can use this reference unless the oCert advisory is updated to include the CVE: http://openwall.com/lists/oss-security/2015/05/12/8
Summary: libraw integer overflow security issue in darktable => libraw integer overflow security issue in darktable (CVE-2015-3885)
Testing complete mga4 64 User darktable to open several types of raw image files
Whiteboard: (none) => has_procedure mga4-64-ok
Testing complete mga4 32, as comment 6
Whiteboard: has_procedure mga4-64-ok => has_procedure mga4-32-ok mga4-64-ok
Validating. Advisory uploaded. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: has_procedure mga4-32-ok mga4-64-ok => has_procedure advisory mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0222.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/644511/