gdk-pixbuf: CVE-2016-6352: ico loader crashes when loading crafted file

Related Vulnerabilities: CVE-2016-6352  

Debian Bug report logs - #832496


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Tue, 26 Jul 2016 04:33:02 UTC

Severity: important

Tags: fixed-upstream, security, upstream

Found in version gdk-pixbuf/2.31.1-1

Fixed in versions gdk-pixbuf/2.36.2-1, gdk-pixbuf/2.35.4-1

Done: Michael Biebl <biebl@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://bugzilla.gnome.org/show_bug.cgi?id=769170



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#832496; Package src:gdk-pixbuf. (Tue, 26 Jul 2016 04:33:05 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Tue, 26 Jul 2016 04:33:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: gdk-pixbuf: ico loader crashes when loading crafted file ico loader crashes when loading crafted file
Date: Tue, 26 Jul 2016 06:30:56 +0200

Source: gdk-pixbuf
Version: 2.31.1-1
Severity: important
Tags: security upstream
Forwarded: https://bugzilla.gnome.org/show_bug.cgi?id=769170

From upstream bug report, and since there is no CVE assigned, for
better trackability:

> There's a crash when loading specially crafted ico files.
> 
> See http://seclists.org/oss-sec/2016/q3/61
> 
> I have reproduced this with 2.30.7, 2.31.1 and 2.35.2. It doesn't
> happen with 2.26.1. It's easily reproducible with tests/pixbuf-read.
> 
> Here's the backtrace for 2.35.2:
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x00007ffff54ea414 in OneLine32 (context=0x611f50) at io-ico.c:596
> 596                Pixels[X * 4 + 0] = context->LineBuf[X * 4 + 2];
> (gdb) bt
> #0  0x00007ffff54ea414 in gdk_pixbuf__ico_image_load_increment (context=0x611f50) at io-ico.c:596
> #1  0x00007ffff54ea414 in gdk_pixbuf__ico_image_load_increment (context=0x611f50) at io-ico.c:807
> #2  0x00007ffff54ea414 in gdk_pixbuf__ico_image_load_increment (data=0x611f50, buf=0x60fc52 "", size=0, error=0x7fffffffe438) at io-ico.c:898
> #3  0x00007ffff7bc4695 in gdk_pixbuf_loader_load_module (loader=loader@entry=0x60f400 [GdkPixbufLoader], image_type=image_type@entry=0x0, error=error@entry=0x7fffffffe438) at gdk-pixbuf-loader.c:443
> #4  0x00007ffff7bc4f20 in gdk_pixbuf_loader_close (loader=loader@entry=0x60f400 [GdkPixbufLoader], error=error@entry=0x7fffffffe488)
>     at gdk-pixbuf-loader.c:808
> #5  0x0000000000400ac6 in main (err=0x7fffffffe488, len=70, bytes=0x60cdf0 "") at pixbuf-read.c:35
> #6  0x0000000000400ac6 in main (argc=<optimized out>, argv=<optimized out>) at pixbuf-read.c:75

Regards,
Salvatore



Changed Bug title to 'gdk-pixbuf: ico loader crashes when loading crafted file' from 'gdk-pixbuf: ico loader crashes when loading crafted file ico loader crashes when loading crafted file'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 26 Jul 2016 04:36:10 GMT)


Changed Bug title to 'gdk-pixbuf: CVE-2016-6352: ico loader crashes when loading crafted file' from 'gdk-pixbuf: ico loader crashes when loading crafted file'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 27 Jul 2016 05:03:08 GMT)


Added tag(s) fixed-upstream. Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Thu, 04 Aug 2016 17:57:29 GMT)


Marked as fixed in versions gdk-pixbuf/2.36.2-1. Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Fri, 23 Dec 2016 01:03:04 GMT)


Marked Bug as done Request was from Michael Biebl <biebl@debian.org> to control@bugs.debian.org. (Fri, 23 Dec 2016 01:03:05 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Fri, 23 Dec 2016 01:03:05 GMT)


Message sent on to Salvatore Bonaccorso <carnil@debian.org>:
Bug#832496. (Fri, 23 Dec 2016 01:03:07 GMT)


Message #20 received at 832496-submitter@bugs.debian.org:

From: Michael Biebl <biebl@debian.org>
To: control@bugs.debian.org
Cc: 832496-submitter@bugs.debian.org
Subject: closing 832496
Date: Fri, 23 Dec 2016 02:00:14 +0100

close 832496 2.36.2-1
thanks




Information forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#832496; Package src:gdk-pixbuf. (Fri, 23 Dec 2016 05:48:02 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Fri, 23 Dec 2016 05:48:03 GMT)


Message #25 received at 832496@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 832496@bugs.debian.org
Cc: Michael Biebl <biebl@debian.org>, pkg-gnome-maintainers@lists.alioth.debian.org
Subject: Re: Processed: closing 832496
Date: Fri, 23 Dec 2016 06:45:29 +0100

Control: fixed -1 2.35.4-1

On Fri, Dec 23, 2016 at 01:03:05AM +0000, Debian Bug Tracking System wrote:
> Processing commands for control@bugs.debian.org:
> 
> > close 832496 2.36.2-1
> Bug #832496 [src:gdk-pixbuf] gdk-pixbuf: CVE-2016-6352: ico loader crashes when loading crafted file
> Marked as fixed in versions gdk-pixbuf/2.36.2-1.
> Bug #832496 [src:gdk-pixbuf] gdk-pixbuf: CVE-2016-6352: ico loader crashes when loading crafted file
> Marked Bug as done

Actually, unless my research is wrong the first fixing version is
2.35.4-1.

Let me know if that's wrong please.

Regards,
Salvatore



Marked as fixed in versions gdk-pixbuf/2.35.4-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to 832496-submit@bugs.debian.org. (Fri, 23 Dec 2016 05:48:03 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>:
Bug#832496; Package src:gdk-pixbuf. (Fri, 23 Dec 2016 21:09:02 GMT)


Acknowledgement sent to Michael Biebl <biebl@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>. (Fri, 23 Dec 2016 21:09:02 GMT)


Message #32 received at 832496@bugs.debian.org:

From: Michael Biebl <biebl@debian.org>
To: Salvatore Bonaccorso <carnil@debian.org>, 832496@bugs.debian.org
Subject: Re: Processed: closing 832496
Date: Fri, 23 Dec 2016 22:04:58 +0100

On 23.12.2016 at 06:45, Salvatore Bonaccorso wrote:
> Control: fixed -1 2.35.4-1
> 
> On Fri, Dec 23, 2016 at 01:03:05AM +0000, Debian Bug Tracking System wrote:
>> Processing commands for control@bugs.debian.org:
>>
>>> close 832496 2.36.2-1
>> Bug #832496 [src:gdk-pixbuf] gdk-pixbuf: CVE-2016-6352: ico loader crashes when loading crafted file
>> Marked as fixed in versions gdk-pixbuf/2.36.2-1.
>> Bug #832496 [src:gdk-pixbuf] gdk-pixbuf: CVE-2016-6352: ico loader crashes when loading crafted file
>> Marked Bug as done
> 
> Actually, unless my research is wrong the first fixing version is
> 2.35.4-1.
> 
> Let me know if that's wrong please.

I just tested the current version in unstable and didn't research the
correct version. Thanks for caring and fixing it.


Regards,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 15 Mar 2017 07:37:22 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:40:24 2019; Machine Name: buxtehude
