[gentoo-announce] [ GLSA 200712-15 ] libexif: Multiple vulnerabilities - gentoo-announce

From:	Pierre-Yves Rofes <py@g.o>
To:	gentoo-announce@l.g.o
Cc:	full-disclosure@××××××××××××××.uk, bugtraq@×××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200712-15 ] libexif: Multiple vulnerabilities
Date:	Sat, 29 Dec 2007 13:20:15
Message-Id:	`4776468A.1060504@gentoo.org`

1

-----BEGIN PGP SIGNED MESSAGE-----

2

Hash: SHA1

3

4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

5

Gentoo Linux Security Advisory                           GLSA 200712-15

6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

7

                                            http://security.gentoo.org/

8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

9

10

  Severity: Normal

11

     Title: libexif: Multiple vulnerabilities

12

      Date: December 29, 2007

13

      Bugs: #202350

14

        ID: 200712-15

15

16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

17

18

Synopsis

19

========

20

21

Two vulnerabilities in libexif possibly allow for the execution of

22

arbitrary code or a Denial of Service.

23

24

Background

25

==========

26

27

libexif is a library for parsing, editing and saving Exif metadata from

28

images. Exif, the Exchangeable image file format, specifies the

29

addition of metadata tags to JPEG, TIFF and RIFF files.

30

31

Affected packages

32

=================

33

34

    -------------------------------------------------------------------

35

     Package             /   Vulnerable   /                 Unaffected

36

    -------------------------------------------------------------------

37

  1  media-libs/libexif      < 0.6.16-r1                  >= 0.6.16-r1

38

39

Description

40

===========

41

42

Meder Kydyraliev (Google Security) discovered an integer overflow

43

vulnerability in the exif_data_load_data_thumbnail() function leading

44

to a memory corruption (CVE-2007-6352) and an infinite recursion in the

45

exif_loader_write() function (CVE-2007-6351).

46

47

Impact

48

======

49

50

An attacker could entice the user of an application making use of

51

libexif to load an image file with specially crafted Exif tags,

52

possibly resulting in the execution of arbitrary code with the

53

privileges of the user running the application or a Denial of Service.

54

55

Workaround

56

==========

57

58

There is no known workaround at this time.

59

60

Resolution

61

==========

62

63

All libexif users should upgrade to the latest version:

64

65

    # emerge --sync

66

    # emerge --ask --oneshot --verbose ">=media-libs/libexif-0.6.16-r1"

67

68

References

69

==========

70

71

  [ 1 ] CVE-2007-6351

72

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6351

73

  [ 2 ] CVE-2007-6352

74

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352

75

76

Availability

77

============

78

79

This GLSA and any updates to it are available for viewing at

80

the Gentoo Security Website:

81

82

  http://security.gentoo.org/glsa/glsa-200712-15.xml

83

84

Concerns?

85

=========

86

87

Security is a primary focus of Gentoo Linux and ensuring the

88

confidentiality and security of our users machines is of utmost

89

importance to us. Any security concerns should be addressed to

90

security@g.o or alternatively, you may file a bug at

91

http://bugs.gentoo.org.

92

93

License

94

=======

95

96

Copyright 2007 Gentoo Foundation, Inc; referenced text

97

belongs to its owner(s).

98

99

The contents of this document are licensed under the

100

Creative Commons - Attribution / Share Alike license.

101

102

http://creativecommons.org/licenses/by-sa/2.5

103

-----BEGIN PGP SIGNATURE-----

104

Version: GnuPG v1.4.7 (GNU/Linux)

105

Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

106

107

iD8DBQFHdkaKuhJ+ozIKI5gRAs1UAJ4qtBDcz/dP/WRokGqWDsVGBR3jmgCfafCh

108

UystxWJaY5guiFl40Grh+KY=

109

=R59E

110

-----END PGP SIGNATURE-----

111

--

112

gentoo-announce@g.o mailing list

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5	Gentoo Linux Security Advisory GLSA 200712-15
6	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7	http://security.gentoo.org/
8	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10	Severity: Normal
11	Title: libexif: Multiple vulnerabilities
12	Date: December 29, 2007
13	Bugs: #202350
14	ID: 200712-15
15
16	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18	Synopsis
19	========
20
21	Two vulnerabilities in libexif possibly allow for the execution of
22	arbitrary code or a Denial of Service.
23
24	Background
25	==========
26
27	libexif is a library for parsing, editing and saving Exif metadata from
28	images. Exif, the Exchangeable image file format, specifies the
29	addition of metadata tags to JPEG, TIFF and RIFF files.
30
31	Affected packages
32	=================
33
34	-------------------------------------------------------------------
35	Package / Vulnerable / Unaffected
36	-------------------------------------------------------------------
37	1 media-libs/libexif < 0.6.16-r1 >= 0.6.16-r1
38
39	Description
40	===========
41
42	Meder Kydyraliev (Google Security) discovered an integer overflow
43	vulnerability in the exif_data_load_data_thumbnail() function leading
44	to a memory corruption (CVE-2007-6352) and an infinite recursion in the
45	exif_loader_write() function (CVE-2007-6351).
46
47	Impact
48	======
49
50	An attacker could entice the user of an application making use of
51	libexif to load an image file with specially crafted Exif tags,
52	possibly resulting in the execution of arbitrary code with the
53	privileges of the user running the application or a Denial of Service.
54
55	Workaround
56	==========
57
58	There is no known workaround at this time.
59
60	Resolution
61	==========
62
63	All libexif users should upgrade to the latest version:
64
65	# emerge --sync
66	# emerge --ask --oneshot --verbose ">=media-libs/libexif-0.6.16-r1"
67
68	References
69	==========
70
71	[ 1 ] CVE-2007-6351
72	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6351
73	[ 2 ] CVE-2007-6352
74	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352
75
76	Availability
77	============
78
79	This GLSA and any updates to it are available for viewing at
80	the Gentoo Security Website:
81
82	http://security.gentoo.org/glsa/glsa-200712-15.xml
83
84	Concerns?
85	=========
86
87	Security is a primary focus of Gentoo Linux and ensuring the
88	confidentiality and security of our users machines is of utmost
89	importance to us. Any security concerns should be addressed to
90	security@g.o or alternatively, you may file a bug at
91	http://bugs.gentoo.org.
92
93	License
94	=======
95
96	Copyright 2007 Gentoo Foundation, Inc; referenced text
97	belongs to its owner(s).
98
99	The contents of this document are licensed under the
100	Creative Commons - Attribution / Share Alike license.
101
102	http://creativecommons.org/licenses/by-sa/2.5
103	-----BEGIN PGP SIGNATURE-----
104	Version: GnuPG v1.4.7 (GNU/Linux)
105	Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
106
107	iD8DBQFHdkaKuhJ+ozIKI5gRAs1UAJ4qtBDcz/dP/WRokGqWDsVGBR3jmgCfafCh
108	UystxWJaY5guiFl40Grh+KY=
109	=R59E
110	-----END PGP SIGNATURE-----
111	--
112	gentoo-announce@g.o mailing list

Gentoo Archives: gentoo-announce