Ubuntu has issued an advisory on June 9: https://usn.ubuntu.com/4386-1/ Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
In the absence of a registered maintainer, assigning to DavidG as the active maintainer of this SRPM.
Assignee: bugsquad => geiger.david68210
Done for both Cauldron and mga7!
Advisory: ======================== Updated libjpeg packages fix security vulnerability: libjpeg-turbo 2.0.4 has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file (CVE-2020-13790). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790 https://usn.ubuntu.com/usn/usn-4386-1 ======================== Updated packages in core/updates_testing: ======================== libjpeg8-2.0.4-1.1.mga7 libjpeg62-2.0.4-1.1.mga7 libturbojpeg0-2.0.4-1.1.mga7 libjpeg-devel-2.0.4-1.1.mga7 libjpeg-static-devel-2.0.4-1.1.mga7 jpeg-progs-2.0.4-1.1.mga7 from libjpeg-2.0.4-1.1.mga7.src.rpm
Assignee: geiger.david68210 => qa-bugsCC: (none) => geiger.david68210Whiteboard: MGA7TOO => (none)Version: Cauldron => 7
mga7, x86_64 CVE-2020-13790 https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433 $ valgrind -q cjpeg reproducer ==6825== Invalid read of size 1 ==6825== at 0x403D5A: ??? (in /usr/bin/cjpeg) ==6825== by 0x4025F2: main (in /usr/bin/cjpeg) ==6825== Address 0x4ad0dba is 6 bytes before a block of size 15,927 alloc'd ==6825== at 0x4834753: malloc (vg_replace_malloc.c:309) [...] Premature end of input file $ cjpeg reproducer Premature end of input file Ran the updates. $ valgrind -q cjpeg reproducer Premature end of input file $ cjpeg reproducer Premature end of input file Problem fixed by the look of it. Repeating utility tests reported in Bug 25296 - just cut and paste. Results are current. $ wrjpgcom -comment "Experimental comment for QA" newfile.jpg > withcomment.jpg $ rdjpgcom withcomment.jpg Experimental comment for QA $ jpegtran -flip horizontal JessicaAlba.jpg > flipped.jpg $ jpegtran -flip vertical LochLubnaig_4.jpg > upsidedown.jpg $ jpegtran -transpose workspace.jpg > work1.jpg $ jpegtran -transverse workspace.jpg > work2.jpg $ jpegtran -grayscale JessicaAlba.jpg > greyscale.jpg $ jpegtran -perfect -rotate 90 work1.jpg > work3.jpg $ jpegtran -crop 800x640+300+200 workspace.jpg > work4.jpg $ eom flipped.jpg upsidedown.jpg work* greyscale.jpg Each image looked as expected. Everything looks fine.
Whiteboard: (none) => MGA7-64-OKCC: (none) => tarazed25
Whiteboard: MGA7-64-OK => (none)
Forgot to look at cjpeg which has multiple options. Sticking to the simplest. $ cjpeg -quality 70 test.ppm > test.jpg $ ll test* -rw-r--r-- 1 lcl lcl 11196343 Jun 16 18:13 test.jpg -rw-r--r-- 1 lcl lcl 2147490094 Nov 15 2019 test.ppm $ identify test.* test.jpg JPEG 26755x26755 26755x26755+0+0 8-bit sRGB 10.6777MiB 0.000u 0:00.000 test.ppm PPM 26755x26755 26755x26755+0+0 8-bit sRGB 2.00001GiB 3.970u 0:02.974 display takes forever to render the jpeg image. It provides a pan icon. This may have exceeded some internal limits for ImageMagick so it seemed wise to crash it. eom crashes anyway. The test image seems to have a valid header. Tried something more reasonable. $ cjpeg -quality 50 JessicaAlba.ppm > jessica_x.jpg $ ll JessicaAlba.ppm jessica_x.jpg -rw-r--r-- 1 lcl lcl 3225616 Jun 19 2019 JessicaAlba.ppm -rw-r--r-- 1 lcl lcl 61239 Jun 16 18:33 jessica_x.jpg $ identify JessicaAlba.ppm jessica_x.jpg JessicaAlba.ppm PPM 1200x896 1200x896+0+0 8-bit sRGB 3.07619MiB 0.010u 0:00.006 jessica_x.jpg JPEG 1200x896 1200x896+0+0 8-bit sRGB 61239B 0.000u 0:00.000 There was no discernible difference when the images were compared using display. Good enough.
Whiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 3.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => mageia
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0267.html
Status: NEW => RESOLVEDResolution: (none) => FIXED