Debian Bug report logs - #912290: gthumb: CVE-2018-18718
Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, team@security.debian.org, Herbert Parentes Fortes Neto <hpfn@debian.org>: Bug#912290; Package src:gthumb. (Mon, 29 Oct 2018 21:21:04 GMT)
Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>: New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, team@security.debian.org, Herbert Parentes Fortes Neto <hpfn@debian.org>. (Mon, 29 Oct 2018 21:21:04 GMT)

Message #5 received at submit@bugs.debian.org:
Source: gthumb
Version: 3:3.6.2-1
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/gthumb/issues/18
Hi,
The following vulnerability was published for gthumb.
CVE-2018-18718[0]:
| An issue was discovered in gThumb through 3.6.2. There is a double-free
| vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c
| because of two successive calls of g_free, each of which frees the same
| buffer.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-18718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18718
[1] https://gitlab.gnome.org/GNOME/gthumb/issues/18
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Reply sent to Herbert Parentes Fortes Neto <hpfn@debian.org>: You have taken responsibility. (Tue, 30 Oct 2018 12:57:06 GMT)

Notification sent to Salvatore Bonaccorso <carnil@debian.org>: Bug acknowledged by developer. (Tue, 30 Oct 2018 12:57:06 GMT)

Message #10 received at 912290-close@bugs.debian.org:
Source: gthumb
Source-Version: 3:3.6.2-2
We believe that the bug you reported is fixed in the latest version of
gthumb, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 912290@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Herbert Parentes Fortes Neto <hpfn@debian.org> (supplier of updated gthumb package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 30 Oct 2018 09:06:29 -0300
Source: gthumb
Binary: gthumb gthumb-data gthumb-dev
Architecture: source
Version: 3:3.6.2-2
Distribution: unstable
Urgency: medium
Maintainer: Herbert Parentes Fortes Neto <hpfn@debian.org>
Changed-By: Herbert Parentes Fortes Neto <hpfn@debian.org>
Description:
gthumb - image viewer and browser
gthumb-data - image viewer and browser - arch-independent files
gthumb-dev - image viewer and browser - development files
Closes: 912290
Changes:
 gthumb (3:3.6.2-2) unstable; urgency=medium
 .
   * debian/patches/
     - cve-2018-18718.patch file (Closes: #912290)
       CVE-2018-18718 - CWE-415: Double Free
       The product calls free() twice on the same memory address, potentially
       leading to modification of unexpected memory locations.
 .
       There is a suspected double-free bug with
       static void add_themes_from_dir() in dlg-contact-sheet.c. This method
       involves two successive calls of g_free(buffer) (line 354 and 373),
       and is likely to cause double-free of the buffer. One possible fix
       could be directly assigning the buffer to NULL after the first call
       of g_free(buffer). Thanks Tianjun Wu
       https://gitlab.gnome.org/GNOME/gthumb/issues/18
Checksums-Sha1:
c871540b7fc0351e2b4add5281ca58f956a9d99d 2284 gthumb_3.6.2-2.dsc
0db2b52850a435342aad80f65b465b40603e97c7 31452 gthumb_3.6.2-2.debian.tar.xz
0cc1eb8ad87766ed3328ae7e21c1f2e911c79470 20424 gthumb_3.6.2-2_amd64.buildinfo
Checksums-Sha256:
04cdc1607bb66fd14f11955dec44fa077f0a756a21c593535345e9a59f9d16fc 2284 gthumb_3.6.2-2.dsc
f4769c2e8ebe803ac3863d6152bdbfa12245d45a357ddf376e79da26e45999e4 31452 gthumb_3.6.2-2.debian.tar.xz
0f9964fde0a6b47c92ce6c75d8f339a93082fc01c8042d699af2021da14941d7 20424 gthumb_3.6.2-2_amd64.buildinfo
Files:
00b96578ad14b4d1545d498e6d60aaf5 2284 gnome optional gthumb_3.6.2-2.dsc
92c0b38c4185eaf106ff79d2a60ab5cc 31452 gnome optional gthumb_3.6.2-2.debian.tar.xz
42612cfb45a535130e0cc6a308a783e2 20424 gnome optional gthumb_3.6.2-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
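The defect the changelog describes, modelled as an added C example that is not gthumb's own code: the loop body, the entry names in SAMPLE_ENTRIES and the small tracking allocator are all constructed here so that the second release is counted rather than corrupting the heap. The model assumes the shape the issue text implies (one buffer per directory entry, released on an early path and again at the bottom of the loop body); the real add_themes_from_dir() control flow is not on this page. libc malloc/free stand in for GLib, and free(NULL) is a no-op exactly as g_free(NULL) is, which is what makes the proposed NULL-assignment fix work.

```c
#include <stdlib.h>
#include <string.h>

/* Added example, not gthumb's code. A tiny tracking allocator records every
   release so a second release of the same block is detected and counted
   instead of being passed to free() again. */

#define MAX_SLOTS 16

/* One bookkeeping slot per allocation; `freed` marks a released block. */
static struct { void *ptr; int freed; } slots[MAX_SLOTS];
static int nslots;
static int double_frees;   /* number of second releases attempted */

static void tracker_reset(void) { nslots = 0; double_frees = 0; }

static char *tracked_strdup(const char *s)
{
    if (nslots >= MAX_SLOTS) return NULL;
    char *p = malloc(strlen(s) + 1);
    if (!p) return NULL;
    strcpy(p, s);
    slots[nslots].ptr = p;
    slots[nslots].freed = 0;
    nslots++;
    return p;
}

/* Stands in for g_free(): NULL is a no-op. The newest slot holding the
   address is the live one (malloc may hand a released address back out), so
   the search runs from the most recent allocation backwards. */
static void tracked_free(void *p)
{
    if (!p) return;
    for (int i = nslots - 1; i >= 0; i--) {
        if (slots[i].ptr == p) {
            if (slots[i].freed) { double_frees++; return; }
            slots[i].freed = 1;
            free(p);
            return;
        }
    }
}

/* Constructed directory listing; only names ending in ".cst" count as themes. */
static const char *SAMPLE_ENTRIES[] = { "default.cst", "README", "dark.cst" };
static const int SAMPLE_COUNT = 3;

static int is_theme(const char *name)
{
    size_t len = strlen(name);
    return len >= 4 && strcmp(name + len - 4, ".cst") == 0;
}

/* Vulnerable shape: the non-theme path releases the buffer, then control
   reaches the unconditional release at the bottom of the loop body with the
   dangling pointer still set. Returns the number of double frees observed. */
int scan_vulnerable(void)
{
    tracker_reset();
    for (int i = 0; i < SAMPLE_COUNT; i++) {
        char *buffer = tracked_strdup(SAMPLE_ENTRIES[i]);
        if (!buffer) break;
        if (!is_theme(buffer)) {
            tracked_free(buffer);          /* first release */
        }
        tracked_free(buffer);              /* second release for non-themes */
    }
    return double_frees;
}

/* Fixed shape, as the upstream issue suggests: NULL the pointer right after
   the first release so the later release is a harmless no-op. GLib provides
   g_clear_pointer(&buffer, g_free) for exactly this idiom. Returns the
   number of double frees observed, which should now be zero. */
int scan_fixed(void)
{
    tracker_reset();
    for (int i = 0; i < SAMPLE_COUNT; i++) {
        char *buffer = tracked_strdup(SAMPLE_ENTRIES[i]);
        if (!buffer) break;
        if (!is_theme(buffer)) {
            tracked_free(buffer);
            buffer = NULL;                 /* the one-line fix */
        }
        tracked_free(buffer);
    }
    return double_frees;
}
```

On real code the same second release is what AddressSanitizer reports as a double-free at runtime; clearing the pointer at the point of release, rather than relying on the reader to notice a later free, is the change that removes the class of bug rather than this one instance.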
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 28 Nov 2018 07:48:12 GMT)
Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:46:11 2019; Machine Name: buxtehude