Fedora has issued an advisory on March 27:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/K46I2MFPCEOGC5LLDXZSWPB3EBPON3KA/

The issues are fixed upstream in 3.440.
I have uploaded a patched package for Mageia 6. We cannot upgrade to version 3.440 as this would imply a change of major and too many packages to recompile. Fedora provides a patch backporting the fixes to version 3.330, that I have imported from:
https://src.fedoraproject.org/rpms/cfitsio/blob/f28/f/cfitsio-backport344.patch

Suggested advisory:
========================

Updated cfitsio packages to fix security vulnerabilities:

* CVE-2018-3846: Unsafe use of sprintf() can allow a remote unauthenticated attacker to execute arbitrary code
* CVE-2018-3848: Stack-based buffer overflow in ffghbn() allows for potential code execution
* CVE-2018-3849: Stack-based buffer overflow in ffghtb() allows for potential code execution

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1563915
https://bugzilla.redhat.com/show_bug.cgi?id=1568184
https://bugzilla.redhat.com/show_bug.cgi?id=1568189
========================

Updated packages in core/updates_testing:
========================
cfitsio-3.430-1.1.mga6
lib(64)cfitsio5-3.430-1.1.mga6
lib(64)cfitsio-devel-3.430-1.1.mga6
lib(64)cfitsio-static-devel-3.430-1.1

Source RPMs:
cfitsio-3.430-1.1.mga6.src
Assignee: eatdirt => qa-bugs
CC: (none) => eatdirt
mga6, x86_64

Found no POC for these CVEs. Followed earlier procedure at https://bugs.mageia.org/show_bug.cgi?id=22855 and tested the sample data before and after updating.

The libraries concern the FITS data format which was first widely used in astronomical contexts. One of its important constraints is that it must always be fully backwards compatible, ensuring that old data is always readable.

Used the previously compiled status check from the Quick Start Guide https://heasarc.gsfc.nasa.gov/fitsio/fitsio.html to test the sample data before the update and recompiled it after the update.

Before update:
$ ./fits testprog.std > fits_before.txt

After updating:
$ gcc -o fits -lcfitsio example.c
$ ./fits testprog.std > fits_afterwards.txt
$ diff fits_before.txt fits_afterwards.txt
$
$ head -8 fits_afterwards.txt
SIMPLE = T / file does conform to FITS standard
BITPIX = 32 / number of bits per data pixel
NAXIS = 2 / number of data axes
NAXIS1 = 10 / length of data axis 1
NAXIS2 = 2 / length of data axis 2
EXTEND = T / FITS dataset may contain extensions
COMMENT FITS (Flexible Image Transport System) format is defined in 'Astronomy
COMMENT and Astrophysics', volume 376, page 359; bibcode: 2001A&A...376..359H
$ tail -5 fits_afterwards.txt
COMMENT this is the 5th template card
HISTORY this is the 6th template card
TMPCARD7= / comment for null keyword
END
$

Good for 64-bits.
Whiteboard: (none) => MGA6-64-OK
CC: (none) => tarazed25
Missed the utilities. Only fitscopy can be found on our system. The others may be there in some form - might need compiling or extraction or whatever. speed and cookbook are strings which occur all over the place in a locate search.

speed - measures the maximum throughput (in MB per second) for writing and reading FITS files with CFITSIO.
listhead - lists all the header keywords in any FITS file
fitscopy - copies any FITS file (especially useful in conjunction with the CFITSIO's extended input filename syntax).
cookbook - a sample program that performs common read and write operations on a FITS file.

fitscopy can be used as an extraction tool to write out subsections of the data. Tested it here as a simple file copier (which is redundant) and it worked.

$ fitscopy testprog.std dummy.fits
Note also that the fitstopnm command is supplied by a different package: netpbm.
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Keywords: (none) => advisory
CC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0133.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED