Bug 20616 - jhead new security issue CVE-2016-3822
Summary: jhead new security issue CVE-2016-3822
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA5TOO advisory MGA5-64-OK MGA5-32-OK
Keywords: Triaged, validated_update
Depends on:
Blocks:
 
Reported: 2017-04-01 21:38 CEST by David Walser
Modified: 2017-04-04 08:45 CEST

See Also:
Source RPM: jhead-3.00-2.mga6.src.rpm
CVE:
Status comment:


Description David Walser 2017-04-01 21:38:09 CEST
Debian has issued an advisory on March 31:
https://www.debian.org/security/2017/dsa-3825

Mageia 5 is also affected.
David Walser 2017-04-01 21:38:16 CEST

Whiteboard: (none) => MGA5TOO

Marja Van Waes 2017-04-01 23:20:59 CEST

Keywords: (none) => Triaged
CC: (none) => marja11
Assignee: bugsquad => jani.valimaa

Comment 1 Jani Välimaa 2017-04-02 12:21:42 CEST
Fixed in cauldron[1] and in mga5[2] core/updates_testing.

[1] jhead-3.00-3.mga6
[2] jhead-2.97-4.1.mga5

CC: (none) => jani.valimaa
Assignee: jani.valimaa => qa-bugs

Comment 2 Dave Hodgins 2017-04-04 03:45:47 CEST
No POC image provided, so just testing that the update installs cleanly and
a basic function works.

$ jhead /usr/share/doc/fontforge/htdocs/MetalType.jpeg|grep Comment
Comment      : Created with The GIMP

Same output on Mageia 5 i586, x86_64, both before and after the update.

Validating the update.

Advisory loaded to svn with ...
$ cat 20616.adv 
type: security
subject: Updated jhead packages fix security vulnerability
CVE:
 - CVE-2016-3822
src:
  5:
   core:
     - jhead-2.97-4.1.mga5
description: |
  It was discovered that jhead, a tool to manipulate the non-image part of
  EXIF compliant JPEG files, is prone to an out-of-bounds access
  vulnerability, which may result in denial of service or, potentially, the
  execution of arbitrary code if an image with specially crafted EXIF data
  is processed.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20616
 - https://www.debian.org/security/2017/dsa-3825
 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858213

Keywords: (none) => validated_update
Whiteboard: MGA5TOO => MGA5TOO advisory MGA5-64-OK MGA5-32-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 3 Mageia Robot 2017-04-04 08:45:08 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0105.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

