Fedora has issued an advisory on March 19:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLDUDJOWZAKBQMQ7XYNJTRCFPOB56BOE/
Mageia 9 is also affected.
Whiteboard: (none) => MGA9TOO
CVE: (none) => CVE-2023-47995, CVE-2023-47997
Source RPM: (none) => freeimage-3.18.0-10.mga9.src.rpm
[ 1 ] Bug #2257661 - CVE-2023-47995 freeimage: Buffer Overflow vulnerability in FreeImage_AllocateBitmap [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257661
http://bugzilla.redhat.com/show_bug.cgi?id=2257652
https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47995
just documents the fault in code detail, but offers no cure yet.

[ 2 ] Bug #2257665 - CVE-2023-47997 freeimage: infinite loop exits in Load in PluginTIFF.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257665
http://bugzilla.redhat.com/show_bug.cgi?id=2257654
https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47997
Same scenario: ends up documenting the fault in code detail, but no fix offered yet.

So what do we do?
CC: (none) => lewyssmith
BUT, re the CVEs, the advisory does say:
"Add downstream fixes for CVE-2023-47995 and CVE-2023-47997.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Mar 10 2024 Sandro Mani <manisandro(a)gmail.com> - 3.19.0-0.23.svn1909
- Add downstream patches for CVE-2023-47997, CVE-2023-47995
"This update can be installed with the "dnf" update program."
So there is a fix lurking somewhere... I could find nothing on the project site.

The Fedora advisory mentions two parallel issues:
[ 3 ] Bug #2257666 - CVE-2023-47995 mingw-freeimage: FreeImage: Buffer Overflow vulnerability in FreeImage_AllocateBitmap [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257666
[ 4 ] Bug #2257670 - CVE-2023-47997 mingw-freeimage: FreeImage: infinite loop exits in Load in PluginTIFF.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257670
We do not seem to have these mingw things.
CC: lewyssmith => (none)
Assignee: bugsquad => pkg-bugs
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Buffer Overflow vulnerability in FreeImage_AllocateBitmap. (CVE-2023-47995)

Infinite loop exits in Load in PluginTIFF.cpp. (CVE-2023-47997)

References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VLDUDJOWZAKBQMQ7XYNJTRCFPOB56BOE/
========================

Updated packages in core/updates_testing:
========================
lib(64)freeimage3-3.18.0-10.1.mga9
lib(64)freeimage-devel-3.18.0-10.1.mga9
lib(64)freeimageplus3-3.18.0-10.1.mga9

from SRPM:
freeimage-3.18.0-10.1.mga9.src.rpm
Status: NEW => ASSIGNED
Whiteboard: MGA9TOO => (none)
Version: Cauldron => 9
Assignee: pkg-bugs => qa-bugs
Keywords: (none) => advisory
RH mageia 9 x86_64

LC_ALL=C urpmi --auto --auto-update
medium "QA Testing (32-bit)" is up-to-date
medium "QA Testing (64-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date

installing lib64freeimageplus3-3.18.0-10.1.mga9.x86_64.rpm lib64freeimage3-3.18.0-10.1.mga9.x86_64.rpm lib64freeimage-devel-3.18.0-10.1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing... ######################################################################################
1/3: lib64freeimage3 ######################################################################################
2/3: lib64freeimageplus3 ######################################################################################
3/3: lib64freeimage-devel ######################################################################################
1/3: removing lib64freeimage-devel-1:3.18.0-10.mga9.x86_64 ######################################################################################
2/3: removing lib64freeimageplus3-1:3.18.0-10.mga9.x86_64 ######################################################################################
3/3: removing lib64freeimage3-1:3.18.0-10.mga9.x86_64 ######################################################################################
writing /var/lib/rpm/installed-through-deps.list

The following packages:
libimath3_1_29-3.1.6-3.mga9.i586
libjxr-devel-1.1-6.mga9.i586
libjxr0-1.1-6.mga9.i586
are now orphaned, if you wish to remove them, you can use "urpme --auto-orphans"

Not sure why the orphans

urpmq --whatrequires lib64freeimage3
lib64abydos0.2-plugins
lib64abydos0.2-plugins
lib64cegui0_2
lib64freeimage-devel
lib64freeimage3
lib64freeimageplus3
lib64harbour-freeimage3
lib64ogre1.9.1
megasync
navit
nvidia-cuda-toolkit-samples-bins
photoqt
posterazor
slade

Test posterazor: no issues detected
CC: (none) => andrewsfarm
Whiteboard: (none) => MGA9-64-OK
Save me from myself if the test is not enough
Looks OK to me. Validating.
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2024-0087.html
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED