Fedora has issued an advisory on September 13:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OKUOTJ5FTMWQN74T3VDU57PWIVHXIOY2/

They just patched out the affected function from the bundled GD code:
http://pkgs.fedoraproject.org/cgit/rpms/libwmf.git/commit/?id=e17758d24cb2e2613c2e71755dc86a21505c4140

Mageia 5 and Mageia 6 are also affected.

Whiteboard: (none) => MGA6TOO, MGA5TOO
CC: (none) => nicolas.salguero

Suggested advisory:
========================

The updated packages fix a security vulnerability:

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. (CVE-2017-6362)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362
========================

Updated packages in 5/core/updates_testing:
========================
libwmf-0.2.8.4-32.5.mga5
lib(64)wmf0.2_7-0.2.8.4-32.5.mga5
lib(64)wmf-devel-0.2.8.4-32.5.mga5

from SRPMS:
libwmf-0.2.8.4-32.5.mga5.src.rpm

Updated packages in 6/core/updates_testing:
========================
libwmf-0.2.8.4-37.1.mga6
lib(64)wmf0.2_7-0.2.8.4-37.1.mga6
lib(64)wmf-devel-0.2.8.4-37.1.mga6

from SRPMS:
libwmf-0.2.8.4-37.1.mga6.src.rpm

Whiteboard: MGA6TOO, MGA5TOO => MGA6TOO
Assignee: bugsquad => qa-bugs
Version: Cauldron => 5
Status: NEW => ASSIGNED

Installed and tested without issues.

Tested using the convert command from the package imagemagick to convert wmf vector images into PNG images and checked that the PNG images looked correct. Confirmed that the library in question was being used (loaded at least) with strace.

Didn't have any files of this type so I used wmf files downloaded from this site: http://all-free-download.com/free-vectors/

$ uname -a
Linux marte 4.4.88-desktop-1.mga5 #1 SMP Thu Sep 14 00:03:58 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample.wmf sample.png
$ grep libwmf convert.strace
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-32.5.mga5
CC: (none) => mageia
In VirtualBox, M5.1, KDE, 64-bit

Package(s) under test:
libwmf lib64wmf0.2_7 lib64wmf-devel

default install of libwmf lib64wmf0.2_7 & lib64wmf-devel

[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.4.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-32.4.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-32.4.mga5.x86_64 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-32.5.mga5

install libwmf lib64wmf0.2_7 & lib64wmf-devel from updates_testing

[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-32.5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-32.5.mga5.x86_64 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample2.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-32.5.mga5
CC: (none) => wilcal.int
Whiteboard: MGA6TOO => MGA6TOO MGA6-64-OK
Whiteboard: MGA6TOO MGA6-64-OK => MGA6TOO MGA5-64-OK
In VirtualBox, M5.1, KDE, 32-bit

Package(s) under test:
libwmf libwmf0.2_7 libwmf-devel

default install of libwmf libwmf0.2_7 & libwmf-devel

[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.4.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-32.4.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-32.4.mga5.i586 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-32.4.mga5

install libwmf libwmf0.2_7 & libwmf-devel from updates_testing

[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-32.5.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-32.5.mga5.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-32.5.mga5.i586 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.5.2-1.mga5
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample2.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-32.5.mga5
Whiteboard: MGA6TOO MGA5-64-OK => MGA6TOO MGA5-32-OK MGA5-64-OK
In VirtualBox, M6, Plasma, 64-bit

Package(s) under test:
libwmf lib64wmf0.2_7 lib64wmf-devel

default install of libwmf lib64wmf0.2_7 & lib64wmf-devel

[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-37.mga6.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-37.mga6.x86_64 is already installed
[root@localhost wilcal]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-37.mga6.x86_64 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-37.mga6

install libwmf lib64wmf0.2_7 & lib64wmf-devel from updates_testing

[root@localhost libwmf_files]# urpmi libwmf
Package libwmf-0.2.8.4-37.1.mga6.x86_64 is already installed
[root@localhost libwmf_files]# urpmi lib64wmf0.2_7
Package lib64wmf0.2_7-0.2.8.4-37.1.mga6.x86_64 is already installed
[root@localhost libwmf_files]# urpmi lib64wmf-devel
Package lib64wmf-devel-0.2.8.4-37.1.mga6.x86_64 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib64/libwmflite-0.2.so.7
lib64wmf0.2_7-0.2.8.4-37.1.mga6
Whiteboard: MGA6TOO MGA5-32-OK MGA5-64-OK => MGA6TOO MGA5-32-OK MGA5-64-OK MGA6-64-OK
In VirtualBox, M6, KDE, 32-bit

Package(s) under test:
libwmf libwmf0.2_7 libwmf-devel

default install of libwmf libwmf0.2_7 & libwmf-devel

[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-37.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-37.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-37.mga6.i586 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample1.wmf sample1.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-37.mga6

install libwmf libwmf0.2_7 & libwmf-devel from updates_testing

[root@localhost wilcal]# urpmi libwmf
Package libwmf-0.2.8.4-37.1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf0.2_7
Package libwmf0.2_7-0.2.8.4-37.1.mga6.i586 is already installed
[root@localhost wilcal]# urpmi libwmf-devel
Package libwmf-devel-0.2.8.4-37.1.mga6.i586 is already installed

$ rpm -qf /usr/bin/convert
imagemagick-6.9.8.7-1.mga6
$ strace -o convert.strace convert sample2.wmf sample2.png
converts to sample1.png file. Opens with gimp
$ grep libwmf convert.strace
getcwd("/home/wilcal/libwmf_files", 4096) = 26
open("/lib/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
$ rpm -qf /lib/libwmflite-0.2.so.7
libwmf0.2_7-0.2.8.4-37.1.mga6
Whiteboard: MGA6TOO MGA5-32-OK MGA5-64-OK MGA6-64-OK => MGA6TOO MGA5-32-OK MGA5-64-OK MGA6-32-OK MGA6-64-OK
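
The strace check used in the test reports above, as an added example that is not part of the original comments: a plain `grep libwmf` also matches the `getcwd` line when the working directory is named `libwmf_files`, so this shell function keeps only `open`/`openat` calls that succeeded on a shared object. The function names `loaded_libs`, `sample_trace` and `demo` and the sample trace are constructed for illustration.

```shell
#!/bin/sh
# Added example: list shared objects that a traced process actually loaded.
# Usage: loaded_libs NAME_FRAGMENT STRACE_FILE   (use "-" to read stdin)
loaded_libs() {
    awk -v frag="$1" '
        # Only open()/openat() calls, optionally prefixed by a PID (strace -f).
        /^([0-9]+ +)?open(at)?\(/ {
            # The return value is the text after the last " = ".
            n = split($0, parts, " = ")
            if (parts[n] !~ /^[0-9]+/) next    # e.g. "-1 ENOENT": not loaded
            # The first double-quoted string is the path argument.
            if (split($0, q, "\"") < 3) next
            path = q[2]
            base = path
            sub(/.*\//, "", base)              # strip the directory part
            # Match on the file name only, and require a .so name.
            if (index(base, frag) && base ~ /\.so(\.|$)/) print path
        }
    ' "$2" | sort -u
}

# Constructed sample trace (not output captured from the systems in this bug).
sample_trace() {
cat <<'EOF'
getcwd("/home/user/libwmf_files", 4096) = 24
open("/usr/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib64/libwmflite-0.2.so.7", O_RDONLY|O_CLOEXEC) = 3
open("/home/user/libwmf_files/sample.wmf", O_RDONLY) = 3
openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
EOF
}

# Run the filter over the sample: the getcwd line, the failed open and the
# input file under libwmf_files/ are all dropped.
demo() {
    sample_trace | loaded_libs libwmf -
}

demo
```

Pass each resulting path to `rpm -qf`, as the testers did, to confirm that the owning package is the build from updates_testing.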
Are we good to go on this one David, PC LX?
Sure.
Yes, no issues here.
This update works fine.
Testing complete for MGA5, 32-bit & 64-bit
Validating the update.
Could someone from the sysadmin team push to updates.
Thanks

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Advisory from comments 1 & 0.
Keywords: (none) => advisory
CC: (none) => lewyssmith

An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2017-0351.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED