gimp: CVE-2017-17787: heap overread in psp importer / read_creator_block()

Debian Bug report logs - #884927

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Thu, 21 Dec 2017 13:12:04 UTC

Severity: normal

Tags: fixed-upstream, patch, security, upstream

Found in version gimp/2.8.14-1

Fixed in version gimp/2.8.20-1.1

Done: Salvatore Bonaccorso <carnil@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://bugzilla.gnome.org/show_bug.cgi?id=790853



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Ari Pollak <ari@debian.org>:
Bug#884927; Package src:gimp. (Thu, 21 Dec 2017 13:12:07 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Ari Pollak <ari@debian.org>. (Thu, 21 Dec 2017 13:12:07 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: gimp: CVE-2017-17787: heap overread in psp importer / read_creator_block()
Date: Thu, 21 Dec 2017 14:10:29 +0100
Source: gimp
Version: 2.8.14-1
Severity: normal
Tags: patch security upstream
Forwarded: https://bugzilla.gnome.org/show_bug.cgi?id=790853

Hi,

the following vulnerability was published for gimp.

CVE-2017-17787[0]:
| In GIMP 2.8.22, there is a heap-based buffer over-read in
| read_creator_block in plug-ins/common/file-psp.c.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-17787
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787
[1] https://bugzilla.gnome.org/show_bug.cgi?id=790853

Regards,
Salvatore



Added tag(s) fixed-upstream. Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Mon, 25 Dec 2017 17:03:09 GMT)


Added tag(s) pending. Request was from Salvatore Bonaccorso <carnil@debian.org> to 860766-submit@bugs.debian.org. (Tue, 26 Dec 2017 21:39:07 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Ari Pollak <ari@debian.org>:
Bug#884927; Package src:gimp. (Tue, 26 Dec 2017 21:39:16 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Ari Pollak <ari@debian.org>. (Tue, 26 Dec 2017 21:39:16 GMT)


Message #14 received at 884927@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 860766@bugs.debian.org, 884836@bugs.debian.org, 884837@bugs.debian.org, 884862@bugs.debian.org, 884925@bugs.debian.org, 884927@bugs.debian.org, 885347@bugs.debian.org, Ari Pollak <ari@debian.org>
Subject: gimp: diff for NMU version 2.8.20-1.1
Date: Tue, 26 Dec 2017 22:35:38 +0100
Control: tags 860766 + patch
Control: tags 860766 + pending
Control: tags 884836 + pending
Control: tags 884837 + patch
Control: tags 884837 + pending
Control: tags 884862 + patch
Control: tags 884862 + pending
Control: tags 884925 + pending
Control: tags 884927 + pending
Control: tags 885347 + pending

Hi Ari,

I've prepared an NMU for gimp (versioned as 2.8.20-1.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
[gimp-2.8.20-1.1-nmu.diff (text/x-diff, attachment)]

Reply sent to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility. (Sun, 31 Dec 2017 22:09:12 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 31 Dec 2017 22:09:12 GMT)


Message #19 received at 884927-close@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 884927-close@bugs.debian.org
Subject: Bug#884927: fixed in gimp 2.8.20-1.1
Date: Sun, 31 Dec 2017 22:04:08 +0000
Source: gimp
Source-Version: 2.8.20-1.1

We believe that the bug you reported is fixed in the latest version of
gimp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 884927@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated gimp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Tue, 26 Dec 2017 22:11:46 +0100
Source: gimp
Binary: libgimp2.0 gimp gimp-data libgimp2.0-dev libgimp2.0-doc gimp-dbg
Architecture: source
Version: 2.8.20-1.1
Distribution: unstable
Urgency: medium
Maintainer: Ari Pollak <ari@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 860766 884836 884837 884862 884925 884927 885347
Description: 
 gimp       - GNU Image Manipulation Program
 gimp-data  - Data files for GIMP
 gimp-dbg   - Debugging symbols for GIMP
 libgimp2.0 - Libraries for the GNU Image Manipulation Program
 libgimp2.0-dev - Headers and other files for compiling plugins for GIMP
 libgimp2.0-doc - Developers' Documentation for the GIMP library
Changes:
 gimp (2.8.20-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
 .
   [ Ari Pollak ]
   * Move gimp to Enhances on gimp-data instead of Recommends (Closes: #860766)
 .
   [ Salvatore Bonaccorso ]
   * Out of bounds read / heap overflow in TGA importer (CVE-2017-17786)
     (Closes: #884862)
   * plug-ins: TGA 16-bit RGB (without alpha bit) is also valid
   * Heap buffer overflow in PSP importer (CVE-2017-17789) (Closes: #884837)
   * heap overread in gbr parser / load_image (CVE-2017-17784)
     (Closes: #884925)
   * heap overread in psp importer (CVE-2017-17787) (Closes: #884927)
   * Heap overflow while parsing FLI files (CVE-2017-17785) (Closes: #884836)
   * buffer overread in XCF parser if version field has no null terminator
     (CVE-2017-17788) (Closes: #885347)
Checksums-Sha1: 
 fb9dc7b4fe379899af2a76659aeeb26165e96c55 3290 gimp_2.8.20-1.1.dsc
 d30b2cb3910f33882da0d3c23306ff826a824b26 45196 gimp_2.8.20-1.1.debian.tar.xz
Checksums-Sha256: 
 d14a68dbeeea7baa3167d12eca66590214c0893639a2291c0756cc482d9c8a09 3290 gimp_2.8.20-1.1.dsc
 eb28be08d4b8f25d8f6c1532aedc8ccad2ba21620ee35ddd31674d7f0f8ec8b0 45196 gimp_2.8.20-1.1.debian.tar.xz
Files: 
 9a3f297cc9ccdb1f3a834394e3ba4874 3290 graphics optional gimp_2.8.20-1.1.dsc
 0843fcdc38025a0d7ee6754d75311229 45196 graphics optional gimp_2.8.20-1.1.debian.tar.xz





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 03 Feb 2018 07:26:31 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:56:13 2019; Machine Name: buxtehude
