Bug 25800 - jasper new security issues CVE-2018-19540 and CVE-2018-19541
Summary: jasper new security issues CVE-2018-19540 and CVE-2018-19541
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2019-12-03 18:16 CET by David Walser
Modified: 2019-12-13 19:27 CET (History)
4 users (show)

See Also:
Source RPM: jasper-2.0.14-4.mga7.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2019-12-03 18:16:54 CET 
openSUSE has issued an advisory on October 7:
https://lists.opensuse.org/opensuse-updates/2019-10/msg00050.html

The fixes are probably in 2.0.16 upstream (in Cauldron).
Comment 1 David GEIGER 2019-12-04 07:12:57 CET 
Done for both Cauldron and mga7!
Comment 2 David Walser 2019-12-04 13:38:21 CET 
Advisory:
========================

Updated jasper packages fix security vulnerabilities:

Heap based overflow in jas_icctxtdesc_input (CVE-2018-19540).

Heap based overread in jas_image_depalettize (CVE-2018-19541).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19540
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19541
https://lists.opensuse.org/opensuse-updates/2019-10/msg00050.html
========================

Updated packages in core/updates_testing:
========================
jasper-2.0.14-4.1.mga7
libjasper4-2.0.14-4.1.mga7
libjasper-devel-2.0.14-4.1.mga7

from jasper-2.0.14-4.1.mga7.src.rpm

CC: (none) => geiger.david68210
Assignee: geiger.david68210 => qa-bugs

Comment 3 Herman Viaene 2019-12-10 11:23:33 CET 
MGA7-64 Plasma on Lenovo B50
No installation issues
Ref bug 24760 Comment 4 and 6
starting with a jpg file which is the result of a conversion in Gimp from a tiff picture.
$ imginfo -f riet0022-4.jpg 
jpg 1 2013 1809 8 3641517
$ jasper --input riet0022-4.jpg --output-format jp2 --output riet0022-4.jp2
result dsiplays OK in Gimp
$ imginfo -f riet0022-4.jp2
jp2 1 2013 1809 8 3641517
$ jasper -f riet0022-4.jp2 -F riet.bmp -T bmp
result displays OK in gwenview
$ display riet.bmp
display: length and filesize do not match `riet.bmp' @ warning/bmp.c/ReadBMPImage/834.

display is also OK
$ imginfo -f riet.bmp 
THE BMP FORMAT IS NOT FULLY SUPPORTED!
THAT IS, THE JASPER SOFTWARE CANNOT DECODE ALL TYPES OF BMP DATA.
IF YOU HAVE ANY PROBLEMS, PLEASE TRY CONVERTING YOUR IMAGE DATA
TO THE PNM FORMAT, AND USING THIS FORMAT INSTEAD.
bmp 1 2013 1809 8 3641517

$ convert riet.bmp riet.ppm
convert: length and filesize do not match `riet.bmp' @ warning/bmp.c/ReadBMPImage/834.
ppm file displays OK in gwenview

Good to go

Whiteboard: (none) => MGA7-64-OK
CC: (none) => herman.viaene

Comment 4 Thomas Andrews 2019-12-10 20:11:43 CET 
Validating. Advisory in Comment 2.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 5 Rémi Verschelde 2019-12-13 16:58:27 CET 
Advisory uploaded.

Keywords: (none) => advisory

Comment 6 Mageia Robot 2019-12-13 19:27:14 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0381.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.