
Bug#769768: marked as done (unblock: [security] imagemagick/8:6.8.9.9-3)



Your message dated Sun, 16 Nov 2014 11:13:50 +0000
with message-id <1416136430.19889.12.camel@adam-barratt.org.uk>
and subject line Re: Bug#769768: unblock: [security] imagemagick/8:6.8.9.9-3
has caused the Debian Bug report #769768,
regarding unblock: [security] imagemagick/8:6.8.9.9-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
769768: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769768
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: important
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package imagemagick

It fixes CVE-2014-8716 (a two-line change).

I have also updated the previous changelog entry with the proper CVE.

diff -Nru imagemagick-6.8.9.9/debian/changelog imagemagick-6.8.9.9/debian/changelog
--- imagemagick-6.8.9.9/debian/changelog	2014-10-28 18:48:23.000000000 +0100
+++ imagemagick-6.8.9.9/debian/changelog	2014-11-12 21:58:20.000000000 +0100
@@ -1,3 +1,13 @@
+imagemagick (8:6.8.9.9-3) unstable; urgency=high
+
+  * Fix a security bug (DOS). Some special crafted JPEG
+    files could create a dos due to missing check in
+    embeded EXIF properties (EXIF directory offsets
+    must be greater than 0). Fix CVE-2014-8716
+    (Closes: #768494).
+
+ -- Bastien Roucariès <roucaries.bastien+debian@gmail.com>  Fri, 07 Nov 2014 21:16:20 +0100
+
 imagemagick (8:6.8.9.9-2) unstable; urgency=high
 
   * Remove build-dep loop. Remove inkscape.
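Review bot: The new 8:6.8.9.9-3 entry has spelling and casing slips that will be published with the package: "embeded" should be "embedded", "special crafted" should be "specially crafted", and the same bullet writes the term as both "DOS" and "dos" (use "DoS" consistently for denial of service). Since this text is what users and the security tracker read, it is worth correcting before upload.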
@@ -9,10 +19,11 @@
   * New upstream version, fixing four security problems:
     - Remotely DOS: "convert +profile regression enters 
       infinite loop exhausting memory", thanks to 
-      Yuri D'Elia (Closes: #764872).
-    - Fixed buffer overflow in PCX and DCM coder.
+      Yuri D'Elia (Closes: #764872). Fix CVE-2014-8561.
+    - Fixed buffer overflow in PCX and DCM coder. Fix
+      CVE-2014-8562 and CVE-2014-8355.
     - Don't clone a 0x0 image breaking some assumption
-      in client code.
+      in client code. Fix CVE-2014-8354.
     - Off-by-one count when parsing an 8BIM profile.
   * Fix identify -quiet has non zero exit code on warnings
     (Closes:  #763686).
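Review bot: The 8:6.8.9.9-3 entry does not record that the earlier 8:6.8.9.9-2 entry is amended here with CVE identifiers; add a bullet to -3 saying so, so the retroactive edit is traceable from the changelog itself. In the PCX and DCM bullet, "Fix CVE-2014-8562 and CVE-2014-8355" does not say which identifier belongs to which coder, and the 8BIM off-by-one bullet still carries no identifier under the "four security problems" heading; state the mapping explicitly, or note that no CVE was assigned for that item.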
diff -Nru imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch
--- imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch	2014-10-28 18:50:28.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch	2014-11-15 14:47:56.000000000 +0100
@@ -82,5 +82,5 @@
  # If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to
  # enable generation of interactive SVG images that allow zooming and panning.
 -- 
-2.1.1
+2.1.3
 
diff -Nru imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch
--- imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch	2014-10-28 18:50:29.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch	2014-11-15 14:47:56.000000000 +0100
@@ -5152,5 +5152,5 @@
 +<!-- Magick Cache 25th July 2014 04:06 -->
 +
 -- 
-2.1.1
+2.1.3
 
diff -Nru imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch
--- imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch	2014-10-28 18:50:30.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch	2014-11-15 14:47:57.000000000 +0100
@@ -2290,5 +2290,5 @@
 \ No newline at end of file
 +<!-- Magick Cache 25th July 2014 05:32 -->
 -- 
-2.1.1
+2.1.3
 
diff -Nru imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch
--- imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch	2014-10-28 18:50:30.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch	2014-11-15 14:47:57.000000000 +0100
@@ -162,5 +162,5 @@
  
  </div>
 -- 
-2.1.1
+2.1.3
 
diff -Nru imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch
--- imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch	1970-01-01 01:00:00.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch	2014-11-15 14:47:57.000000000 +0100
@@ -0,0 +1,33 @@
+From b61b7f4f0e705b6a9a9ba8b8af898a406b0fc87e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com>
+Date: Fri, 7 Nov 2014 21:05:07 +0100
+Subject: [PATCH] Avoid crash and DOS with special crafted jpeg file
+
+Some special crafted JPEG file could lead to dos due to missing check in
+embeded EXIF properties (EXIF directory offsets must be greater than 0).
+
+Fix CVE-2014-8716.
+
+Forwarded: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456
+Bug-debian: http://bugs.debian.org/768494
+Applied-Upstream: 6.9.9.10
+---
+ magick/property.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/magick/property.c b/magick/property.c
+index 25eb765..c9c81d4 100644
+--- a/magick/property.c
++++ b/magick/property.c
+@@ -1321,6 +1321,8 @@ static MagickBooleanType GetEXIFProperty(const Image *image,
+             The directory entry contains an offset.
+           */
+           offset=(ssize_t) ((int) ReadPropertyLong(endian,q+8));
++          if ((offset < 0) || (size_t) offset >= length)
++            continue;
+           if ((ssize_t) (offset+number_bytes) < offset)
+             continue;  /* prevent overflow */
+           if ((size_t) (offset+number_bytes) > length)
+-- 
+2.1.3
+
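Review bot: The added check in GetEXIFProperty, `if ((offset < 0) || (size_t) offset >= length)`, skips only negative or out-of-range offsets, while the patch description (and the changelog) say EXIF directory offsets "must be greater than 0", so an offset of exactly 0 still passes. Either tighten the condition to `offset <= 0` if zero is really invalid, or reword the description to "must not be negative" so it matches the code. The second operand would also read more clearly parenthesised like the first, as `((size_t) offset >= length)`. Separately, the `Applied-Upstream: 6.9.9.10` header does not match the 6.8.9.x series being packaged; please confirm the upstream release number.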
diff -Nru imagemagick-6.8.9.9/debian/patches/series imagemagick-6.8.9.9/debian/patches/series
--- imagemagick-6.8.9.9/debian/patches/series	2014-10-28 18:50:30.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/series	2014-11-15 14:47:57.000000000 +0100
@@ -3,3 +3,4 @@
 0002-Fix-html-documents.patch
 0003-Fix-meta-tag-damage-in-html-documentation.patch
 0004-Fix-remaining-html-error.patch
+0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch


unblock imagemagick/8:6.8.9.9-3

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---
--- Begin Message ---
On Sun, 2014-11-16 at 12:04 +0100, bastien ROUCARIÈS wrote:
> Package: release.debian.org
> Severity: important

No, unblocks are "normal".

> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Please unblock package imagemagick

Already done yesterday. (And visible in "grep-excuses" since the 22:00
run yesterday.)

Regards,

Adam

--- End Message ---
