Debian Bug report logs - #907925
jhead: CVE-2018-17088: Integer overflow in gpsinfo.c while running jhead
Reported by: Hanfang Zhang <hanfangzhang9@gmail.com>
Date: Tue, 4 Sep 2018 07:33:01 UTC
Severity: normal
Tags: security, upstream
Found in version 3.00-7
Fixed in version jhead/1:3.00-8
Done: Ludovic Rousseau <rousseau@debian.org>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Tue, 04 Sep 2018 07:33:04 GMT)
Acknowledgement sent to Hanfang Zhang <hanfangzhang9@gmail.com>: New Bug report received and forwarded. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Tue, 04 Sep 2018 07:33:04 GMT)
Message #5 received at submit@bugs.debian.org:
Package: jhead
Version: 3.00-7
Integer overflow while running jhead. There is an integer overflow in
exif.c line 530. When OffsetVal=0xffff0014, ByteCount=0xffff,
ExifLength=0x13e, this check will be passed. So when executing strncpy
function it will lead to a segmentation fault. It may allow a remote
attacker to cause unspecified impact including denial-of-service attack.
Detailed log as follows:
zhang123@ubuntu:~/Desktop/jhead-3.00$ ./jhead ./testfile
ASAN:SIGSEGV
=================================================================
==21157==ERROR: AddressSanitizer: SEGV on unknown address 0x6130ffffde90 (pc 0x7efd4499e900 bp 0x7fffcbe95d50 sp 0x7fffcbe954d8 T0)
#0 0x7efd4499e8ff in strnlen (/lib/x86_64-linux-gnu/libc.so.6+0x8b8ff)
#1 0x7efd4505c4e2 in __interceptor_strncpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x764e2)
#2 0x40efad in ProcessExifDir (/home/zhang123/Desktop/jhead-3.00/jhead+0x40efad)
#3 0x410399 in process_EXIF (/home/zhang123/Desktop/jhead-3.00/jhead+0x410399)
#4 0x40830d in ReadJpegSections.part.0 (/home/zhang123/Desktop/jhead-3.00/jhead+0x40830d)
#5 0x4087dd in ReadJpegFile (/home/zhang123/Desktop/jhead-3.00/jhead+0x4087dd)
#6 0x4049f6 in ProcessFile (/home/zhang123/Desktop/jhead-3.00/jhead+0x4049f6)
#7 0x402575 in main (/home/zhang123/Desktop/jhead-3.00/jhead+0x402575)
#8 0x7efd4493382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#9 0x403998 in _start (/home/zhang123/Desktop/jhead-3.00/jhead+0x403998)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 strnlen
==21157==ABORTING
This bug was found by Hanfang Zhang at Sichuan University. Request a
CVE ID. Thanks.
[testfile (application/octet-stream, attachment)]
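The arithmetic behind the values quoted in the report above, as an added example that is not part of the original report and is not jhead's source code. It assumes the pre-patch check adds the offset and byte count as 32-bit unsigned values before comparing the sum with ExifLength; the function names are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed shape of the unpatched bounds check: offset and count are
 * summed first, then the sum is compared with the section length.
 * Returns 1 when the value pointer is accepted. */
static int naive_check_accepts(uint32_t offset_val, uint32_t byte_count,
                               uint32_t exif_length)
{
    uint32_t end = offset_val + byte_count;   /* wraps modulo 2^32 */
    return end <= exif_length;
}

/* Overflow-safe form: the sum is never computed. The offset is checked
 * on its own, then the count is compared with the space left after it. */
static int safe_check_accepts(uint32_t offset_val, uint32_t byte_count,
                              uint32_t exif_length)
{
    if (offset_val > exif_length)
        return 0;
    return byte_count <= exif_length - offset_val;
}

/* The end offset as the naive check sees it. */
static uint32_t wrapped_end(uint32_t offset_val, uint32_t byte_count)
{
    return offset_val + byte_count;
}

int main(void)
{
    /* Values quoted in the bug report. */
    const uint32_t off = 0xffff0014u, cnt = 0xffffu, len = 0x13eu;

    printf("offset+count as 32-bit value: 0x%" PRIx32 "\n",
           wrapped_end(off, cnt));
    printf("naive check accepts: %d\n", naive_check_accepts(off, cnt, len));
    printf("safe check accepts:  %d\n", safe_check_accepts(off, cnt, len));

    /* Constructed in-range value: both checks must agree on it. */
    printf("in-range value, naive/safe: %d/%d\n",
           naive_check_accepts(0x20u, 0x10u, len),
           safe_check_accepts(0x20u, 0x10u, len));
    return 0;
}
```

The wrapped sum is smaller than ExifLength, so the naive comparison lets through an offset that points far outside the 318-byte Exif section, which is the address strncpy then reads from.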
Reply sent to 907925@bugs.debian.org: You have taken responsibility. (Wed, 05 Sep 2018 08:12:28 GMT)
Notification sent to Hanfang Zhang <hanfangzhang9@gmail.com>: Bug acknowledged by developer. (Wed, 05 Sep 2018 08:12:28 GMT)
Message #10 received at 907925-done@bugs.debian.org:
Hello,
On 04/09/2018 at 09:32, Hanfang Zhang wrote:
> Package: jhead
> Version: 3.00-7
>
> Integer overflow while running jhead. There is an integer overflow in exif.c line 530. When OffsetVal=0xffff0014, ByteCount=0xffff, ExifLength=0x13e, this check will be passed. So when executing strncpy function it will lead to a segmentation fault. It may allow a remote attacker to cause unspecified impact including denial-of-service attack. Detailed log as follows:
>
> zhang123@ubuntu:~/Desktop/jhead-3.00$ ./jhead ./testfile
> ASAN:SIGSEGV
> =================================================================
> ==21157==ERROR: AddressSanitizer: SEGV on unknown address 0x6130ffffde90 (pc 0x7efd4499e900 bp 0x7fffcbe95d50 sp 0x7fffcbe954d8 T0)
> #0 0x7efd4499e8ff in strnlen (/lib/x86_64-linux-gnu/libc.so.6+0x8b8ff)
> #1 0x7efd4505c4e2 in __interceptor_strncpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x764e2)
> #2 0x40efad in ProcessExifDir (/home/zhang123/Desktop/jhead-3.00/jhead+0x40efad)
> #3 0x410399 in process_EXIF (/home/zhang123/Desktop/jhead-3.00/jhead+0x410399)
> #4 0x40830d in ReadJpegSections.part.0 (/home/zhang123/Desktop/jhead-3.00/jhead+0x40830d)
> #5 0x4087dd in ReadJpegFile (/home/zhang123/Desktop/jhead-3.00/jhead+0x4087dd)
> #6 0x4049f6 in ProcessFile (/home/zhang123/Desktop/jhead-3.00/jhead+0x4049f6)
> #7 0x402575 in main (/home/zhang123/Desktop/jhead-3.00/jhead+0x402575)
> #8 0x7efd4493382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
> #9 0x403998 in _start (/home/zhang123/Desktop/jhead-3.00/jhead+0x403998)
>
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV ??:0 strnlen
> ==21157==ABORTING
>
> This bug was found by Hanfang Zhang at Sichuan University. Request a CVE ID. Thanks.
I cannot reproduce your problem using the current version of jhead.
I have:
$ jhead testfile
Nonfatal Error : 'testfile' Illegal value pointer for tag 0132 in Exif
Nonfatal Error : 'testfile' Illegal number format 134 for tag 0000 in Exif
Nonfatal Error : 'testfile' Illegal number format 154 for tag 0000 in Exif
Nonfatal Error : 'testfile' Illegally sized Exif subdirectory (1279 entries)
Nonfatal Error : 'testfile' Extraneous 10 padding bytes before section DB
Nonfatal Error : 'testfile' Extraneous 28 padding bytes before section C0
Error : Premature end of file?
in file 'testfile'
But I can reproduce the crash if I rebuild jhead _without_ using the Debian patches.
Program received signal SIGSEGV, Segmentation fault.
__strncpy_sse2_unaligned ()
at ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:63
63 ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S: Aucun fichier ou dossier de ce type.
(gdb) bt
#0 __strncpy_sse2_unaligned ()
at ../sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S:63
#1 0x000055555555d100 in ProcessExifDir (
DirStart=DirStart@entry=0x55555556f530 "",
OffsetBase=OffsetBase@entry=0x55555556f528 "MM",
ExifLength=ExifLength@entry=318, NestingLevel=NestingLevel@entry=0)
at exif.c:634
#2 0x000055555555d741 in process_EXIF (
ExifSection=0x55555556f520 "\001FExif", length=326) at exif.c:1034
#3 0x000055555555a82a in ReadJpegSections (
infile=infile@entry=0x55555556e2c0, ReadMode=ReadMode@entry=READ_METADATA)
at jpgfile.c:287
#4 0x000055555555ab06 in ReadJpegSections (ReadMode=READ_METADATA,
infile=0x55555556e2c0) at jpgfile.c:355
#5 ReadJpegFile (FileName=0x7fffffffe253 "/home/rousseau/testfile",
ReadMode=READ_METADATA) at jpgfile.c:375
#6 0x0000555555558861 in ProcessFile (
FileName=0x7fffffffe253 "/home/rousseau/testfile") at jhead.c:896
#7 0x000055555555769c in main (argc=<optimized out>, argv=0x7fffffffdf28)
at jhead.c:1730
(gdb)
I think the problem you are reporting is known as CVE-2016-3822 and has already been fixed for Debian in https://sources.debian.org/src/jhead/1:3.00-7/debian/patches/31_CVE-2016-3822/ for jhead version 1:3.00-4
If you think I am wrong please comment on this bug report and I will reopen it.
Regards,
--
Dr. Ludovic Rousseau
Information forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Wed, 05 Sep 2018 10:45:03 GMT)
Acknowledgement sent to Hanfang Zhang <hanfangzhang9@gmail.com>: Extra info received and forwarded to list. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Wed, 05 Sep 2018 10:45:03 GMT)
Message #15 received at 907925@bugs.debian.org:
I'm sorry, I did not run jhead with Debian patches before. I patched it
just now. But I did not see the patch file for gpsinfo.c. So this
vulnerability still exists in gpsinfo.c (line 104). I am not sure if I
missed the patch file. The poc is in the attachment.
[poc (application/octet-stream, attachment)]
Information forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Wed, 05 Sep 2018 13:39:06 GMT)
Acknowledgement sent to 907925@bugs.debian.org: Extra info received and forwarded to list. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Wed, 05 Sep 2018 13:39:06 GMT)
Message #20 received at 907925@bugs.debian.org:
On 05/09/2018 at 12:42, Hanfang Zhang wrote:
> I'm sorry, I did not run jhead with Debian patches before. I patched it just now. But I did not see the patch file for gpsinfo.c. So this vulnerability still exists in gpsinfo.c (line 104). I am not sure if I missed the patch file. The poc is in the attachment.
Exact.
With the poc file I can reproduce the crash.
I reopened the bug and will provide a fix.
Thanks
--
Dr. Ludovic Rousseau
Bug reopened. Request was from Ludovic Rousseau <ludovic.rousseau@free.fr> to control@bugs.debian.org. (Wed, 05 Sep 2018 13:48:02 GMT)
Added tag(s) security. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 05 Sep 2018 15:03:09 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Wed, 05 Sep 2018 15:06:02 GMT)
Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>: Extra info received and forwarded to list. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Wed, 05 Sep 2018 15:06:02 GMT)
Message #29 received at 907925@bugs.debian.org:
Hi Hanfang,
On Tue, Sep 04, 2018 at 03:32:02PM +0800, Hanfang Zhang wrote:
> This bug was found by Hanfang Zhang at Sichuan University. Request a
> CVE ID. Thanks.
Can you please request a CVE via the webform at
https://cveform.mitre.org/ and once the CVE is assigned loop it back
here?
Thanks already,
Regards,
Salvatore
Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 05 Sep 2018 15:06:04 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Fri, 07 Sep 2018 04:57:02 GMT)
Acknowledgement sent to Hanfang Zhang <hanfangzhang9@gmail.com>: Extra info received and forwarded to list. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Fri, 07 Sep 2018 04:57:02 GMT)
Message #36 received at 907925@bugs.debian.org:
Hi Salvatore,
I have done that and the CVE ID is CVE-2018-16554. But the status of it is
preserved. Thanks.
Regards,
Hanfang
Information forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Fri, 07 Sep 2018 08:51:03 GMT)
Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>: Extra info received and forwarded to list. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Fri, 07 Sep 2018 08:51:03 GMT)
Message #41 received at 907925@bugs.debian.org:
Control: retitle -1 jhead: CVE-2018-16554: Interger overflow while running jhead
Hi Hanfang,
On Fri, Sep 07, 2018 at 12:53:38PM +0800, Hanfang Zhang wrote:
> Hi Salvatore,
>
> I have done that and the CVE ID is CVE-2018-16554. But the status of it is
> preserved. Thanks.
Perfect, thank you!
Regards,
Salvatore
Changed Bug title to 'jhead: CVE-2018-16554: Interger overflow while running jhead' from 'jhead: Interger overflow while running jhead'. Request was from Salvatore Bonaccorso <carnil@debian.org> to 907925-submit@bugs.debian.org. (Fri, 07 Sep 2018 08:51:03 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Sun, 16 Sep 2018 19:12:03 GMT)
Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>: Extra info received and forwarded to list. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Sun, 16 Sep 2018 19:12:03 GMT)
Message #48 received at 907925@bugs.debian.org:
Control: retitle 907925 jhead: CVE-2018-17088: Integer overflow in gpsinfo.c while running jhead
Control: retitle 908176 jhead: CVE-2018-16554: Buffer overflow in gpsinfo.c while running jhead
Hi
On Fri, Sep 07, 2018 at 10:48:26AM +0200, Salvatore Bonaccorso wrote:
> Control: retitle -1 jhead: CVE-2018-16554: Interger overflow while running jhead
I checked with MITRE on the relative CVE assignments for #907925 and
#908176 and MITRE confirmed they should be as follows:
#907925:
jhead: CVE-2018-17088: Integer overflow in gpsinfo.c while running jhead
#908176:
jhead: CVE-2018-16554: Buffer overflow in gpsinfo.c while running jhead
Regards,
Salvatore
Changed Bug title to 'jhead: CVE-2018-17088: Integer overflow in gpsinfo.c while running jhead' from 'jhead: CVE-2018-16554: Interger overflow while running jhead'. Request was from Salvatore Bonaccorso <carnil@debian.org> to 907925-submit@bugs.debian.org. (Sun, 16 Sep 2018 19:12:03 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Ludovic Rousseau <rousseau@debian.org>: Bug#907925; Package jhead. (Mon, 17 Sep 2018 01:48:03 GMT)
Acknowledgement sent to Hanfang Zhang <hanfangzhang9@gmail.com>: Extra info received and forwarded to list. Copy sent to Ludovic Rousseau <rousseau@debian.org>. (Mon, 17 Sep 2018 01:48:03 GMT)
Message #55 received at 907925@bugs.debian.org:
Thanks a lot!
Regards,
Hanfang
Reply sent to Ludovic Rousseau <rousseau@debian.org>: You have taken responsibility. (Wed, 19 Sep 2018 18:09:04 GMT)
Notification sent to Hanfang Zhang <hanfangzhang9@gmail.com>: Bug acknowledged by developer. (Wed, 19 Sep 2018 18:09:04 GMT)
Message #60 received at 907925-close@bugs.debian.org:
Source: jhead
Source-Version: 1:3.00-8
We believe that the bug you reported is fixed in the latest version of
jhead, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 907925@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ludovic Rousseau <rousseau@debian.org> (supplier of updated jhead package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Wed, 19 Sep 2018 19:55:26 +0200
Source: jhead
Binary: jhead
Architecture: source amd64
Version: 1:3.00-8
Distribution: unstable
Urgency: medium
Maintainer: Ludovic Rousseau <rousseau@debian.org>
Changed-By: Ludovic Rousseau <rousseau@debian.org>
Description:
jhead - manipulate the non-image part of Exif compliant JPEG files
Closes: 907925 908176
Changes:
jhead (1:3.00-8) unstable; urgency=medium
.
* Fix "Interger overflow while running jhead" (Closes: #907925)
debian/patches/32_crash_in_gpsinfo fix CVE-2018-17088
* Fix "Buffer Overflow while running jhead" (Closes: #908176)
debian/patches/33_fix_908176 fix CVE-2018-16554
* Fix another buffer overflow
debian/patches/34_buffer_overflow
* Upgrade debhelper version from 9 to 11
* debian/control: Standards-Version: 3.9.8 -> 4.2.1. No change needed.
* debian/patches/35_fix_alloc_size: patch from Fedora to fix a compiler
warning
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 18 Oct 2018 07:27:07 GMT)