gthumb: CVE-2018-18718


Debian Bug report logs - #912290
gthumb: CVE-2018-18718


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Mon, 29 Oct 2018 21:21:02 UTC

Severity: important

Tags: security, upstream

Found in version gthumb/3:3.6.2-1

Fixed in version gthumb/3:3.6.2-2

Done: Herbert Parentes Fortes Neto <hpfn@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://gitlab.gnome.org/GNOME/gthumb/issues/18



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, team@security.debian.org, Herbert Parentes Fortes Neto <hpfn@debian.org>:
Bug#912290; Package src:gthumb. (Mon, 29 Oct 2018 21:21:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, team@security.debian.org, Herbert Parentes Fortes Neto <hpfn@debian.org>. (Mon, 29 Oct 2018 21:21:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: gthumb: CVE-2018-18718
Date: Mon, 29 Oct 2018 22:18:35 +0100
Source: gthumb
Version: 3:3.6.2-1
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/gthumb/issues/18

Hi,

The following vulnerability was published for gthumb.

CVE-2018-18718[0]:
| An issue was discovered in gThumb through 3.6.2. There is a double-free
| vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c
| because of two successive calls of g_free, each of which frees the same
| buffer.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-18718
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18718
[1] https://gitlab.gnome.org/GNOME/gthumb/issues/18

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Reply sent to Herbert Parentes Fortes Neto <hpfn@debian.org>:
You have taken responsibility. (Tue, 30 Oct 2018 12:57:06 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Tue, 30 Oct 2018 12:57:06 GMT)


Message #10 received at 912290-close@bugs.debian.org:

From: Herbert Parentes Fortes Neto <hpfn@debian.org>
To: 912290-close@bugs.debian.org
Subject: Bug#912290: fixed in gthumb 3:3.6.2-2
Date: Tue, 30 Oct 2018 12:53:11 +0000
Source: gthumb
Source-Version: 3:3.6.2-2

We believe that the bug you reported is fixed in the latest version of
gthumb, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 912290@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Herbert Parentes Fortes Neto <hpfn@debian.org> (supplier of updated gthumb package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Tue, 30 Oct 2018 09:06:29 -0300
Source: gthumb
Binary: gthumb gthumb-data gthumb-dev
Architecture: source
Version: 3:3.6.2-2
Distribution: unstable
Urgency: medium
Maintainer: Herbert Parentes Fortes Neto <hpfn@debian.org>
Changed-By: Herbert Parentes Fortes Neto <hpfn@debian.org>
Description:
 gthumb     - image viewer and browser
 gthumb-data - image viewer and browser - arch-independent files
 gthumb-dev - image viewer and browser - development files
Closes: 912290
Changes:
 gthumb (3:3.6.2-2) unstable; urgency=medium
 .
   * debian/patches/
       - cve-2018-18718.patch file (Closes: #912290)
         CVE-2018-18718 - CWE-415: Double Free
         The product calls free() twice on the same memory address, potentially
         leading to modification of unexpected memory locations.
 .
         There is a suspected double-free bug with
         static void add_themes_from_dir() dlg-contact-sheet.c. This method
         involves two successive calls of g_free(buffer) (line 354 and 373),
         and is likely to cause double-free of the buffer. One possible fix
         could be directly assigning the buffer to NULL after the first call
         of g_free(buffer). Thanks Tianjun Wu
         https://gitlab.gnome.org/GNOME/gthumb/issues/18
Checksums-Sha1:
Checksums-Sha256:
Files:


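The changelog entry above describes the defect as two successive g_free(buffer) calls on one error path and the fix as nulling the pointer after the first release. The following is an added, constructed model of that pattern (not gThumb's code; the file contents, parse_theme() and the free tracker are assumptions) that reproduces the double release and shows the suggested fix neutralising it:

```c
#include <stdlib.h>
#include <string.h>
/* Constructed model of the pattern the changelog describes, not gThumb's own
 * code: an error branch releases `buffer`, control then reaches the common
 * release at the end of the loop body, and the same pointer is freed twice.
 * free() goes through a tiny tracker (one buffer live at a time) so the
 * second release is counted instead of being undefined behaviour. */
static void *last_freed;         /* pointer most recently released */
static int double_free_count;    /* releases of an already-freed pointer */

static char *tracked_strdup(const char *s) {
    char *p = malloc(strlen(s) + 1);
    memcpy(p, s, strlen(s) + 1);
    last_freed = NULL;           /* a fresh allocation may reuse the address */
    return p;
}

static void tracked_free(char *p) {
    if (!p) return;              /* like g_free(NULL): a no-op */
    if (p == last_freed) { double_free_count++; return; }
    last_freed = p;
    free(p);
}

/* A theme file is accepted only if it starts with a "[Theme]" group header */
static int parse_theme(const char *contents) {
    return strncmp(contents, "[Theme]", 7) == 0 ? 0 : -1;
}

/* Returns how many entries parsed. apply_fix == 0 reproduces the reported
 * shape (error branch frees, common cleanup frees again); apply_fix == 1
 * nulls the pointer after the first release, as the changelog suggests. */
static int load_themes(const char *const *entries, int n, int apply_fix) {
    int loaded = 0;
    for (int i = 0; i < n; i++) {
        char *buffer = tracked_strdup(entries[i]);
        if (parse_theme(buffer) != 0) {
            tracked_free(buffer);    /* first release (the error branch) */
            if (apply_fix)
                buffer = NULL;       /* nothing dangles after this point */
        } else {
            loaded++;
        }
        tracked_free(buffer);        /* common cleanup: second release if unfixed */
    }
    return loaded;
}

/* Constructed sample: two valid theme files and one malformed one */
static const char *const SAMPLE[] = {"[Theme]\nname=a", "junk", "[Theme]\nname=b"};
```

With real g_free() the second release is undefined behaviour rather than a counted event; building with AddressSanitizer (-fsanitize=address) is the usual way to surface it in a test run.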



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 28 Nov 2018 07:48:12 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:46:11 2019; Machine Name: buxtehude
