Debian has issued an advisory on March 24: https://www.debian.org/security/2017/dsa-3817 Mageia 5 may also be affected.
Whiteboard: (none) => MGA5TOO
Assigning to the registered maintainer.
CC: (none) => marja11Assignee: bugsquad => mageia
CVE: (none) => CVE-2016-9601
Fixed in cauldron
Whiteboard: MGA5TOO => (none)Version: Cauldron => 5
Fedora has issued an advisory on May 6: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CMOLQQO2AYM3T3SKPNN2GAB3WAPH7PKK/ The CVE-2017-7975 issue appears to actually be in jbig2dec: https://bugzilla.redhat.com/show_bug.cgi?id=1443940
Severity: normal => majorSummary: jbig2dec new security issue CVE-2016-9601 => jbig2dec new security issues CVE-2016-9601 and CVE-2017-7975Version: 5 => CauldronWhiteboard: (none) => MGA5TOO
Same with CVE-2017-7976: https://bugzilla.redhat.com/show_bug.cgi?id=1443897
Summary: jbig2dec new security issues CVE-2016-9601 and CVE-2017-7975 => jbig2dec new security issues CVE-2016-9601 and CVE-2017-797[56]
Same with CVE-2017-7885: https://bugzilla.redhat.com/show_bug.cgi?id=1444104
Summary: jbig2dec new security issues CVE-2016-9601 and CVE-2017-797[56] => jbig2dec new security issues CVE-2016-9601, CVE-2017-797[56], and CVE-2017-7885
Fedora advisory for jbig2dec from May 14: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XWQQMCDLDOZ535O3IKFQZE3VPCWC3HWH/
URL: (none) => http://www.linuxsecurity.com/content/view/171514/170/CC: (none) => zombie_ryushu
Fedora patch added in Cauldron in jbig2dec-0.13-3.mga6 to fix the rest of these.
Version: Cauldron => 5Whiteboard: MGA5TOO => (none)
Updated and patched package uploaded for Mageia 5. Advisory: ======================== Updated jbig2dec packages fix security vulnerabilities: Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened (CVE-2016-9601). Artifex jbig2dec has a heap-based buffer over-read leading to denial of service (application crash) because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file (CVE-2017-7885). Artifex jbig2dec allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code (CVE-2017-7975). Artifex jbig2dec allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) (CVE-2017-7976). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9601 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7976 https://www.debian.org/security/2017/dsa-3817 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XWQQMCDLDOZ535O3IKFQZE3VPCWC3HWH/ ======================== Updated packages in core/updates_testing: ======================== jbig2dec-0.13-1.mga5 libjbig2dec0-0.13-1.mga5 libjbig2dec-devel-0.13-1.mga5 from jbig2dec-0.13-1.mga5.src.rpm
Assignee: mageia => qa-bugs
I couldn't find any public examples of the poc files, or any jbig2 compressed files, so validating the update based only on the update installing cleanly over the prior version.
Keywords: (none) => validated_updateWhiteboard: (none) => advisory MGA5-64-OK MGA6-64-OKCC: (none) => davidwhodgins, sysadmin-bugs
Whiteboard: advisory MGA5-64-OK MGA6-64-OK => advisory MGA5-32-OK MGA6-64-OK
Whiteboard: advisory MGA5-32-OK MGA6-64-OK => advisory MGA5-32-OK MGA5-64-OK
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0206.html
Status: NEW => RESOLVEDResolution: (none) => FIXED