Bug 32303 - giflib new security issue CVE-2023-39742
Summary: giflib new security issue CVE-2023-39742
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8TOO MGA8-64-OK MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-09-19 14:33 CEST by Nicolas Salguero
Modified: 2023-09-30 21:18 CEST (History)
5 users (show)

See Also:
Source RPM: giflib-5.2.1-7.mga9.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Nicolas Salguero 2023-09-19 14:33:21 CEST 
Fedora has issued an advisory on September 18:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O4RLSFGPBPR3FMIUJCWPGVIYIU35YGQX/

Mageia 8 and 9 are also affected.
Nicolas Salguero 2023-09-19 14:34:20 CEST

Source RPM: (none) => giflib-5.2.1-7.mga9.src.rpm
Status comment: (none) => Patch available from Fedora
CC: (none) => nicolas.salguero
Whiteboard: (none) => MGA9TOO, MGA8TOO

Comment 1 Nicolas Salguero 2023-09-19 15:13:49 CEST 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. (CVE-2023-39742)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39742
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O4RLSFGPBPR3FMIUJCWPGVIYIU35YGQX/
========================

Updated packages in 9/core/updates_testing:
========================
giflib-progs-5.2.1-7.1.mga9
lib(64)gif7-5.2.1-7.1.mga9
lib(64)gif-devel-5.2.1-7.1.mga9

from SRPM:
giflib-5.2.1-7.1.mga9.src.rpm

Updated packages in 8/core/updates_testing:
========================
giflib-progs-5.2.1-5.2.mga8
lib(64)gif7-5.2.1-5.2.mga8
lib(64)gif-devel-5.2.1-5.2.mga8

from SRPM:
giflib-5.2.1-5.2.mga8.src.rpm

Whiteboard: MGA9TOO, MGA8TOO => MGA8TOO
Assignee: bugsquad => qa-bugs
Status comment: Patch available from Fedora => (none)
Status: NEW => ASSIGNED
Version: Cauldron => 9

Comment 2 Herman Viaene 2023-09-25 11:24:17 CEST 
MGA8-64 Xfce on Acer  Aspire 5253
No installation issues
Following lead in bug 30671 Comment 3
$ giftool -f "%v\n%w x %h\n" < wapen_merksem.gif 
GIF89a
50 x 60
$ giftext -c < wapen_merksem.gif 

Stdin:

	Screen Size - Width = 50, Height = 60.
	ColorResolution = 8, BitsPerPixel = 8, BackGround = 0, Aspect = 0.
	Has Global Color Map.

	Global Color Map:
	Sort Flag: off
  0: bch bdh c4h     1: e4h dch deh     2: f3h eeh eeh     3: f9h f8h f6h   
  4: fbh fch fch     5: feh fdh feh     6: ffh feh ffh     7: ffh ffh ffh   
  8: fch ffh ffh     9: ffh ffh fdh    10: feh ffh fah    11: e9h e7h e7h   
etc.......and at the end:
GIF89 graphics control (Ext Code = 249 [ ]):
	Disposal Mode: 0
	User Input Flag: 0
	Transparency on: no
	DelayTime: 0
	Transparent Index: -1

Image #1:

	Image Size - Left = 0, Top = 0, Width = 50, Height = 60.
	Image is Non Interlaced.
	No Image Color Map.

GIF file terminated normally.

$ gifclrmp -s  < wapen_merksem.gif  > colourmap.txt
[tester8@mach7 Pictures]$ cat colourmap.txt
  0 188 189 196
  1 228 220 222
  2 243 238 238
  3 249 248 246
etc.....
$ gifclrmp -g 2.2  <wapen_merksem.gif >coulourmap
Generates image with lighter tones
$ file coulourmap
coulourmap: GIF image data, version 87a, 50 x 60
$ gif2rgb -c 8 -o rgbtest wapen_merksem.gif 
Generates 3 binary files
Results inline with ref, so OK

CC: (none) => herman.viaene
Whiteboard: MGA8TOO => MGA8TOO MGA8-64-OK

Comment 3 Herman Viaene 2023-09-26 10:26:49 CEST 
MGA9-64 Xfce on Acer  Aspire 5253
No installation issues
Repeating tests from Comment 2 above:
$ giftool -f "%v\n%w x %h\n" < wapen_merksem.gif 
GIF89a
50 x 60
$ giftext -c < wapen_merksem.gif 

Stdin:

	Screen Size - Width = 50, Height = 60.
	ColorResolution = 8, BitsPerPixel = 8, BackGround = 0, Aspect = 0.
	Has Global Color Map.

	Global Color Map:
	Sort Flag: off
  0: bch bdh c4h     1: e4h dch deh     2: f3h eeh eeh     3: f9h f8h f6h   
  4: fbh fch fch     5: feh fdh feh     6: ffh feh ffh     7: ffh ffh ffh   
  8: fch ffh ffh     9: ffh ffh fdh    10: feh ffh fah    11: e9h e7h e7h   
 12: d2h cdh ceh    13: d9h d6h d6h    14: c5h c5h c9h    15: e3h cdh a7h   
etc......
at  the end:
GIF89 graphics control (Ext Code = 249 [ ]):
	Disposal Mode: 0
	User Input Flag: 0
	Transparency on: no
	DelayTime: 0
	Transparent Index: -1

Image #1:

	Image Size - Left = 0, Top = 0, Width = 50, Height = 60.
	Image is Non Interlaced.
	No Image Color Map.

GIF file terminated normally.

$ gifclrmp -s  < wapen_merksem.gif  > colourmap.txt
[tester9@mach7 Pictures]$ cat colourmap.txt
  0 188 189 196
  1 228 220 222
  2 243 238 238
  3 249 248 246
  4 251 252 252
  5 254 253 254
etc.....
$ gifclrmp -g 2.2  <wapen_merksem.gif >coulourmap
Generates image with lighter tones
$ file coulourmap
coulourmap: GIF image data, version 87a, 50 x 60
$ gif2rgb -c 8 -o rgbtest wapen_merksem.gif
Generates 3 binary files
Results inline with Comment 2, so OK

Whiteboard: MGA8TOO MGA8-64-OK => MGA8TOO MGA8-64-OK MGA9-64-OK

Comment 4 Thomas Andrews 2023-09-27 13:48:06 CEST 
Validating. Advisory in comment 1.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Marja Van Waes 2023-09-30 16:23:41 CEST

CC: (none) => marja11
Keywords: (none) => advisory

Comment 5 Mageia Robot 2023-09-30 21:18:42 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0278.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.