openSUSE has issued an advisory today (January 24):
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TPIWID3WJ3SMCA23W52QU3RW6AU7JCA7/

Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOO
DavidG is the best person for this update.
Assignee: bugsquad => geiger.david68210
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. (CVE-2021-28021)

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files. (CVE-2021-42715)

An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. (CVE-2021-42716)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42716
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TPIWID3WJ3SMCA23W52QU3RW6AU7JCA7/
========================

Updated packages in core/updates_testing:
========================
lib(64)zxing1-1.1.1-2.1.mga8
lib(64)zxing-devel-1.1.1-2.1.mga8

from SRPM:
zxing-cpp-1.1.1-2.1.mga8.src.rpm

Status: NEW => ASSIGNED
Source RPM: zxing-cpp-1.2.0-1.mga9.src.rpm => zxing-cpp-1.1.1-2.mga8.src.rpm
CC: (none) => nicolas.salguero
Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8
Assignee: geiger.david68210 => qa-bugs
CVE: (none) => CVE-2021-28021, CVE-2021-42715, CVE-2021-42716
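The HDR failure mode described in the suggested advisory above (CVE-2021-42715), as an added C example that is not stb_image's code and not part of this bug report: a simplified run-length channel decoder that rejects zero-length runs and truncated input instead of looping on them. The reader struct, the function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed byte reader. Like many image readers it yields 0 once the
   input is exhausted, which is how truncation turns into "count == 0". */
typedef struct { const uint8_t *p; size_t len, pos; } reader;
static int at_eof(const reader *r) { return r->pos >= r->len; }
static uint8_t get8(reader *r) { return at_eof(r) ? 0 : r->p[r->pos++]; }

/* Decode one run-length-coded channel of `width` bytes into `out`.
   Returns 0 on success, -1 on corrupt or truncated data. */
static int decode_rle_channel(reader *r, uint8_t *out, size_t width)
{
    size_t i = 0;
    while (i < width) {
        size_t nleft = width - i;
        if (at_eof(r)) return -1;              /* no run header left */
        size_t count = get8(r);
        if (count > 128) {                     /* run: next byte repeated count-128 times */
            count -= 128;
            if (count > nleft || at_eof(r)) return -1;
            uint8_t v = get8(r);
            while (count--) out[i++] = v;
        } else {                               /* literal: count raw bytes follow */
            /* count == 0 would leave i unchanged, so the loop never ends */
            if (count == 0 || count > nleft) return -1;
            if (r->len - r->pos < count) return -1;
            while (count--) out[i++] = get8(r);
        }
    }
    return 0;
}

/* Hypothetical convenience wrapper used by the demo below. */
int decode_bytes(const uint8_t *data, size_t len, uint8_t *out, size_t width)
{
    reader r = { data, len, 0 };
    return decode_rle_channel(&r, out, width);
}

int main(void)
{
    /* Constructed samples, 5-byte channel: run of 3 x 0x07, then 2 literals. */
    const uint8_t good[]      = { 0x83, 0x07, 0x02, 0x01, 0x02 };
    const uint8_t truncated[] = { 0x83, 0x07 };          /* ends mid-scanline */
    uint8_t out[5];
    printf("good: %d\n", decode_bytes(good, sizeof good, out, 5));
    printf("truncated: %d\n", decode_bytes(truncated, sizeof truncated, out, 5));
}
```

Without the `at_eof` and `count == 0` checks, the truncated sample would keep reading zero-length literal runs forever, which is the denial of service the advisory describes.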
mga8, x64

Acquired a poc file for CVE-2021-28021 in the hope of finding a way to use the library. The poc is a mangled JPEG file. AFAICS testing it would require writing a C++ script to exercise the vulnerable code - a bit out of scope for QA.

$ urpmq --whatrequires lib64zxing1 | uniq
gstreamer1.0-plugins-bad
kaidan
lib64kpimitinerary5
lib64zxing-devel
lib64zxing1

Installed kaidan. Turns out that this is a simple chat program to exchange texts via the jabber protocol so requires a corresponding server across the network. Might work talking to myself over the LAN. Need to think about this.
CC: (none) => tarazed25
kaidan does not start from the system menu. There is a README.md file but that does not help.

$ kaidan
Cyclic dependency detected between "file:///usr/lib64/qt5/qml/org/kde/kirigami.2/Units.qml" and "file:///usr/lib64/qt5/qml/org/kde/kirigami.2/Units.qml"
QQmlApplicationEngine failed to load component
qrc:/qml/main.qml:91:27: Type ChatPage unavailable
qrc:/qml/ChatPage.qml:319:2: Type SendMediaSheet unavailable
qrc:/qml/elements/SendMediaSheet.qml:79:5: Type NewMediaLoader unavailable
qrc:/qml/elements/NewMediaLoader.qml:34:1: module "QtPositioning" is not installed

$ kaidan -h
Usage: kaidan [options] [xmpp-uri]
Kaidan - A simple, user-friendly Jabber/XMPP client for every device!

Options:
  -h, --help         Displays help on commandline options.
  --help-all         Displays help including Qt specific options.
  -v, --version      Displays version information.
  --disable-xml-log  Disable output of full XMPP XML stream.
  -m, --multiple     Allow multiple instances to be started.

Arguments:
  xmpp-uri           An XMPP-URI to open (i.e. join a chat).

Out of my depth here. Backing down.

Updated the two libraries without any issues. Sending this out on the basis of a clean install.
Whiteboard: (none) => MGA8-64-OK
Odd that it doesn't want you talking to yourself. I do it all the time, mostly because sometimes I'm the only one who'll listen!

Validating. Advisory in Comment 2.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Keywords: (none) => advisory
CC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2022-0074.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED