A CVE has been assigned for a security issue fixed upstream in libgd:
http://openwall.com/lists/oss-security/2016/10/15/6

The commit to fix it is linked in the message above.
Whiteboard: (none) => MGA5TOO
Done for both Cauldron and mga5!
CC: (none) => geiger.david68210
(In reply to David GEIGER from comment #1)
> Done for both Cauldron and mga5!

Thanks David :-)

Changing version to 5, since the package already landed in cauldron.

Assigning to you, because I assume you need this report to add an advisory to and to assign to QA team for testing in Mga5.
CC: (none) => marja11
Version: Cauldron => 5
Assignee: bugsquad => geiger.david68210
Whiteboard: MGA5TOO => (none)
Debian has issued an advisory for this on October 14:
https://www.debian.org/security/2016/dsa-3693

It also fixes CVE-2016-6911, which corresponds to the 0020-Fix-invalid-read-in-gdImageCreateFromTiffPtr.patch patch in
http://security.debian.org/debian-security/pool/updates/main/libg/libgd2/libgd2_2.1.0-5+deb8u7.debian.tar.xz

Our package doesn't yet have this patch.
URL: (none) => http://lwn.net/Vulnerabilities/703979/
Version: 5 => Cauldron
Summary: libgd new security issue CVE-2016-8670 => libgd new security issues CVE-2016-6911 and CVE-2016-8670
Whiteboard: (none) => MGA5TOO
This Debian patch does not apply to the current 2.2.3 release and I didn't find any upstream fix for CVE-2016-6911.
(In reply to David GEIGER from comment #4)
> This debian patch does not apply in current 2.2.3 release and I don't found
> any upstream fix about CVE-2016-6911.

Maybe the patch Ubuntu used for 2.2.1 will help:
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6911.html
So OK! Patch based on Ubuntu's for CVE-2016-6911 is applied now for both mga5 and cauldron!
Thanks David. It appears that we are good to go with this one after all.

Advisory:
========================

Updated libgd packages fix security vulnerabilities:

Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed Tiff images. If a user or automated system were tricked into processing a specially crafted Tiff image, an attacker could cause a denial of service (CVE-2016-6911).

Emmanuel Law discovered that the GD library incorrectly handled certain strings when creating images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service, or possibly execute arbitrary code (CVE-2016-8670).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670
http://www.ubuntu.com/usn/usn-3117-1
========================

Updated packages in core/updates_testing:
========================
libgd3-2.2.3-1.2.mga5
libgd-devel-2.2.3-1.2.mga5
libgd-static-devel-2.2.3-1.2.mga5
gd-utils-2.2.3-1.2.mga5

from libgd-2.2.3-1.2.mga5.src.rpm
Version: Cauldron => 5
Assignee: geiger.david68210 => qa-bugs
Whiteboard: MGA5TOO => (none)
Severity: normal => major
Fixing the subrel.

Advisory:
========================

Updated libgd packages fix security vulnerabilities:

Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed Tiff images. If a user or automated system were tricked into processing a specially crafted Tiff image, an attacker could cause a denial of service (CVE-2016-6911).

Emmanuel Law discovered that the GD library incorrectly handled certain strings when creating images. If a user or automated system were tricked into processing a specially crafted image, an attacker could cause a denial of service, or possibly execute arbitrary code (CVE-2016-8670).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670
http://www.ubuntu.com/usn/usn-3117-1
========================

Updated packages in core/updates_testing:
========================
libgd3-2.2.3-1.4.mga5
libgd-devel-2.2.3-1.4.mga5
libgd-static-devel-2.2.3-1.4.mga5
gd-utils-2.2.3-1.4.mga5

from libgd-2.2.3-1.4.mga5.src.rpm
The following 7 packages are going to be installed:

- gd-utils-2.2.3-1.4.mga5.x86_64
- lib64gd-devel-2.2.3-1.4.mga5.x86_64
- lib64gd-static-devel-2.2.3-1.4.mga5.x86_64
- lib64gd3-2.2.3-1.4.mga5.x86_64
- lib64jbig-devel-2.1-3.mga5.x86_64
- lib64tiff-devel-4.0.7-1.mga5.x86_64
- lib64xpm-devel-3.5.11-4.mga5.x86_64

3.4MB of additional disk space will be used.
1MB of packages will be retrieved.

I did this in 32 bit with the plain php command, but you cannot see the graphics; you need a browser. I'll attach the php script.

Works as designed.
CC: (none) => brtians1
Whiteboard: (none) => mga5-32-ok mga5-64-ok
Created attachment 8813
lib gd test php script

This works best if run from an Apache web server executing PHP. Then you can see the pie chart.
Validated & advisoried.
Keywords: (none) => validated_update
Whiteboard: mga5-32-ok mga5-64-ok => mga5-32-ok mga5-64-ok advisory
CC: (none) => lewyssmith, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0421.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED