LTS Report for October
In October I spent 10 hours, continuing from last month, on
* Uploaded version 1.3.16-1.1+deb7u10 with fixes for the following issues:
  * Fix CVE-2017-14103: The ReadJNGImage and ReadOneJNGImage functions in
    coders/png.c did not properly manage image pointers after certain error
  * Fix CVE-2017-14314: heap-based buffer over-read in DrawDashPolygon().
  * Fix CVE-2017-14504: NULL pointer dereference triggered by malformed file.
  * Fix CVE-2017-14733: Ensure we detect alpha images with too few colors.
  * Fix CVE-2017-14994: DCM_ReadNonNativeImages() can produce image list with
    no frames, resulting in null image pointer.
  * Fix CVE-2017-14997: unsigned underflow leading to astonishingly
    large allocation request.
* Immediately after upload, more issues were found. So I uploaded
  version 1.3.16-1.1+deb7u11 to fix these too:
  * Fix CVE-2017-13737: Fix incorrect rounding up, resulting
    in scrambling the heap beyond the allocation.
  * Fix CVE-2017-15277: Leaves the palette uninitialized when processing a GIF
    file that has neither a global nor local palette.
I posted DLA 1130-1 to the announce list for the first issue - at least
two times; however, it does not appear to have made it to the mailing
list. I posted DLA 1140-1 immediately after posting DLA 1130-1 again
and it worked. I have no idea why DLA 1130-1 didn't work but DLA 1140-1
did. I have not attempted to repost DLA 1130-1, because it could cause
confusion now that DLA 1140-1 was posted.
Brian May <email@example.com>