Ubuntu has issued an advisory today (August 2):
https://ubuntu.com/security/notices/USN-5028-1

Mageia 8 is also affected.

CC: (none) => nicolas.salguero
Whiteboard: (none) => MGA8TOO
Status comment: (none) => Patch available from Ubuntu
CVE-2021-31291 is solved in version 0.27.4 so Cauldron is not affected.
Suggested advisory:
========================

The updated packages fix a security vulnerability:

A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2 0.27.3 allows attackers to cause a denial of service (DOS) via crafted metadata. (CVE-2021-31291)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31291
https://ubuntu.com/security/notices/USN-5028-1
========================

Updated packages in core/updates_testing:
========================
exiv2-doc-0.27.3-1.2.mga8
lib(64)exiv2_27-0.27.3-1.2.mga8
exiv2-0.27.3-1.2.mga8
lib(64)exiv2-devel-0.27.3-1.2.mga8

from SRPM:
exiv2-0.27.3-1.2.mga8.src.rpm

Status: NEW => ASSIGNED
CVE: (none) => CVE-2021-31291
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)
Assignee: bugsquad => qa-bugs
Status comment: Patch available from Ubuntu => (none)

mga8, x64

CVE-2021-31291
https://github.com/Exiv2/exiv2/issues/1529
Obtained the release resources and had a go at building the ASAN version but ran into errors. Got as far as
"gmake: warning: Clock skew detected. Your build may be incomplete."
Out of my depth. Not really a path for QA to tread.

Ran test from an earlier bug.
$ exiv2 -c "Orange smog here" PIA19642Titan.jpg
$ exiv2 -pc PIA19642Titan.jpg
"Orange smog here"

Updated the packages.

$ exiv2 -c "Good morning QA" Mimas_Cassini.jpg
$ strings Mimas_Cassini.jpg | grep morning
Good morning QA
$ strace -o thumb.trace gthumb .
lcl@canopus:saturn $ grep exiv2 thumb.trace
openat(AT_FDCWD, "/usr/lib64/gthumb/extensions/exiv2_tools.extension", O_RDONLY) = 26
openat(AT_FDCWD, "/usr/lib64/gthumb/extensions/libexiv2_tools.so", O_RDONLY|O_CLOEXEC) = 25
openat(AT_FDCWD, "/usr/lib64/gthumb/extensions/libexiv2.so.27", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib64/libexiv2.so.27", O_RDONLY|O_CLOEXEC) = 25
stat("/usr/lib64/gthumb/extensions/libexiv2_tools.so", {st_mode=S_IFREG|0755, st_size=156248, ...}) = 0
openat(AT_FDCWD, "/usr/share/gthumb/ui/edit-exiv2-page.ui", O_RDONLY) = 29
$ strace -o dark.trace darktable
$ grep exiv2 dark.trace
openat(AT_FDCWD, "/lib64/libexiv2.so.27", O_RDONLY|O_CLOEXEC) = 3

That all looks satisfactory.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => tarazed25
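The strace check in the comment above, as an added example that is not part of the original bug report: `grep exiv2` also matches the gthumb extension and the failed ENOENT probe, so this script keeps only successful opens of the exact soname. The function names, the constructed sample trace, and the choice of /lib64 and /usr/lib64 as the expected directories are assumptions.

```shell
#!/bin/sh
# Added example (not from the bug report): report where a shared library
# was actually loaded from, given an strace log.

# Constructed sample, modelled on the gthumb trace lines quoted above.
write_sample_trace() {
    cat > "$1" <<'EOF'
openat(AT_FDCWD, "/usr/lib64/gthumb/extensions/libexiv2_tools.so", O_RDONLY|O_CLOEXEC) = 25
openat(AT_FDCWD, "/usr/lib64/gthumb/extensions/libexiv2.so.27", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib64/libexiv2.so.27", O_RDONLY|O_CLOEXEC) = 25
EOF
}

# resolved_lib TRACE SONAME (hypothetical helper)
# Prints each path whose basename is exactly SONAME and whose openat()
# returned a file descriptor. Failed probes (-1 ENOENT) are skipped.
resolved_lib() {
    awk -v so="$2" '
        /openat\(/ {
            if (split($0, q, "\"") < 3) next   # no quoted path on this line
            n = split(q[2], parts, "/")
            if (parts[n] != so) next            # e.g. libexiv2_tools.so
            ret = $0
            sub(/.* = /, "", ret)               # text after the last " = "
            if (ret ~ /^[0-9]+/) print q[2]     # fd returned, so the open worked
        }' "$1" | sort -u
}

# system_only TRACE SONAME (hypothetical helper)
# Succeeds only if the library was loaded at least once and every copy
# came from /lib64 or /usr/lib64 (assumed system library directories).
system_only() {
    resolved_lib "$1" "$2" | awk -v so="$2" '
        { seen = 1; if ($0 != "/lib64/" so && $0 != "/usr/lib64/" so) bad = 1 }
        END { exit ((seen && !bad) ? 0 : 1) }'
}

# Demo on the constructed sample.
trace=$(mktemp)
write_sample_trace "$trace"
resolved_lib "$trace" libexiv2.so.27
system_only "$trace" libexiv2.so.27 && echo "loaded from system path only"
rm -f "$trace"
```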
Validating. Advisory in Comment 2.
Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0396.html
Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED