Bug 7396 - graphicsmagick new security issue CVE-2012-3438
: graphicsmagick new security issue CVE-2012-3438
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
: 2
: i586 Linux
: Normal Severity: normal
: ---
Assigned To: QA Team
:
: http://lwn.net/Vulnerabilities/515347/
: MGA1TOO mga2-32-OK MGA2-64-OK has_pro...
: validated_update
:
:
  Show dependency treegraph
 
Reported: 2012-09-08 04:50 CEST by David Walser
Modified: 2012-09-13 15:41 CEST (History)
5 users (show)

See Also:
Source RPM: graphicsmagick-1.3.13-1.4.mga2.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2012-09-08 04:50:05 CEST
Fedora has issued an advisory on August 21:
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086029.html

Patched package uploaded for Mageia 1, Mageia 2, and Cauldron.

Advisory:
========================

Updated graphicsmagick packages fix security vulnerability:

The Magick_png_malloc function in coders/png.c in GraphicsMagick 1.3.16 and
earlier does not use the proper variable type for the allocation size, which
might allow remote attackers to cause a denial of service (crash) via a
crafted PNG file that triggers incorrect memory allocation (CVE-2012-3438).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086029.html
========================

Updated packages in core/updates_testing:
========================
graphicsmagick-1.3.12-3.3.mga1
libgraphicsmagick3-1.3.12-3.3.mga1
libgraphicsmagickwand2-1.3.12-3.3.mga1
libgraphicsmagick-devel-1.3.12-3.3.mga1
perl-Graphics-Magick-1.3.12-3.3.mga1
graphicsmagick-doc-1.3.12-3.3.mga1
graphicsmagick-1.3.13-1.5.mga2
libgraphicsmagick3-1.3.13-1.5.mga2
libgraphicsmagickwand2-1.3.13-1.5.mga2
libgraphicsmagick-devel-1.3.13-1.5.mga2
perl-Graphics-Magick-1.3.13-1.5.mga2
graphicsmagick-doc-1.3.13-1.5.mga2

from SRPMS:
graphicsmagick-1.3.12-3.3.mga1.src.rpm
graphicsmagick-1.3.13-1.5.mga2.src.rpm
Comment 1 Carolyn Rowse 2012-09-08 08:37:54 CEST
Testing on Mga2 i586

Carolyn
Comment 2 Carolyn Rowse 2012-09-08 11:46:36 CEST
Followed the testing procedure on Mga2 i586.

Assuming the animation is supposed to come out with the first picture static and the other two moving on top of it, everything's fine.

Carolyn
Comment 3 Eduard Beliaev 2012-09-08 22:59:24 CEST
Works ok on Mageia 2 x86_64.
Comment 4 Samuel Verschelde 2012-09-10 10:46:42 CEST
Testing procedure: https://wiki.mageia.org/en/QA_procedure:GraphicsMagick
Comment 5 Eduard Beliaev 2012-09-10 18:59:35 CEST
Tested with the procedure on Mageia 2 x86_64.
Comment 6 Dave Hodgins 2012-09-10 22:09:29 CEST
Testing complete on Mageia 1 i586.  I found I had to fully qualify the
path for the images in the test.pl, but otherwise had no problems with it.

Testing Mageia 1 x86-64 shortly.
Comment 7 Dave Hodgins 2012-09-10 22:18:17 CEST
Testing complete on Mageia 1 x86-64.

Could someone from the sysadmin team push the srpm
graphicsmagick-1.3.13-1.5.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates and the srpm
graphicsmagick-1.3.12-3.3.mga1.src.rpm
from Mageia 1 Core Updates Testing to Core Updates.

Advisory: Updated graphicsmagick packages fix security vulnerability:

The Magick_png_malloc function in coders/png.c in GraphicsMagick 1.3.16 and
earlier does not use the proper variable type for the allocation size, which
might allow remote attackers to cause a denial of service (crash) via a
crafted PNG file that triggers incorrect memory allocation (CVE-2012-3438).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086029.html

https://bugs.mageia.org/show_bug.cgi?id=7396
Comment 8 Eduard Beliaev 2012-09-11 00:28:47 CEST
Testing complete on Mageia 2 i568/x86.

This package was not tested with the procedure on Mageia 2 i568/x86...
Comment 9 David Walser 2012-09-11 00:58:04 CEST
(In reply to comment #8)
> Testing complete on Mageia 2 i568/x86.
> 
> This package was not tested with the procedure on Mageia 2 i568/x86...

i586, not i568.  Please fix that in your notes if you're copy-pasting it.
Comment 10 Eduard Beliaev 2012-09-11 01:34:17 CEST
Ok, I am not copy-pasting even if I report with the same phrase always.

Thank you.
Comment 11 Thomas Backlund 2012-09-13 15:40:59 CEST
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0267
Comment 12 Thomas Backlund 2012-09-13 15:41:19 CEST
.

Note You need to log in before you can comment on or make changes to this bug.