Debian Bug report logs -
#829062
libgd2: CVE-2016-6128: Invalid color index is not properly handled leading to denial of service
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 30 Jun 2016 07:39:01 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
Found in version libgd2/2.1.0-5
Fixed in versions libgd2/2.2.2-29-g3c2b605-1, libgd2/2.1.0-5+deb8u4
Done: Ondřej Surý <ondrej@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GD team <pkg-gd-devel@lists.alioth.debian.org>:
Bug#829062; Package src:libgd2.
(Thu, 30 Jun 2016 07:39:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GD team <pkg-gd-devel@lists.alioth.debian.org>.
(Thu, 30 Jun 2016 07:39:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: libgd2
Version: 2.1.0-5
Severity: important
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for libgd2.
CVE-2016-6128[0]:
Invalid color index is not properly handled leading to denial of service
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-6128
[1] https://github.com/libgd/libgd/compare/3fe0a71...6ff72ae
Regards,
Salvatore
Reply sent
to Ondřej Surý <ondrej@debian.org>:
You have taken responsibility.
(Thu, 14 Jul 2016 10:09:30 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Thu, 14 Jul 2016 10:09:30 GMT) (full text, mbox, link).
Message #10 received at 829062-close@bugs.debian.org (full text, mbox, reply):
Source: libgd2
Source-Version: 2.2.2-29-g3c2b605-1
We believe that the bug you reported is fixed in the latest version of
libgd2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 829062@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ondřej Surý <ondrej@debian.org> (supplier of updated libgd2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 14 Jul 2016 10:53:07 +0200
Source: libgd2
Binary: libgd-tools libgd-dev libgd3 libgd-dbg
Architecture: source amd64
Version: 2.2.2-29-g3c2b605-1
Distribution: unstable
Urgency: medium
Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description:
libgd-dbg - Debug symbols for GD Graphics Library
libgd-dev - GD Graphics Library (development version)
libgd-tools - GD command line tools and example code
libgd3 - GD Graphics Library
Closes: 829014 829062 829694
Changes:
libgd2 (2.2.2-29-g3c2b605-1) unstable; urgency=medium
.
* Imported Upstream version 2.2.2-29-g3c2b605
+ [CVE-2016-5766]: Fix Integer Overflow in _gd2GetHeader() resulting in
heap overflow (Closes: #829014)
+ [CVE-2016-6128]: Fix invalid color index not handled, can lead to
crash (Closes: #829062)
+ [CVE-2016-6161]: Add upstream patch to fix gif: avoid out-of-bound
reads of masks array
+ [CVE-2016-6132]: Fix out-of-bounds read in the parsing of TGA files
(Closes: #829694)
+ [CVE-2016-6214]: Fix read out-of-bands was found in TGA
+ Fix another out-of-bounds read in read_image_tga (upstream #248)
* Remove patches merged upstream
Checksums-Sha1:
909ea3dabdf150dcefac7ea72142c14e216aa7d0 2410 libgd2_2.2.2-29-g3c2b605-1.dsc
dcbb179ada29ff7d6b106042699550e94fef5dff 1831552 libgd2_2.2.2-29-g3c2b605.orig.tar.xz
c2c5ea2cc05491ba34588ec4edd53a2fed727e60 22728 libgd2_2.2.2-29-g3c2b605-1.debian.tar.xz
02ec24d0b94201602fa73fe2a777cabdcb995645 301204 libgd-dbg_2.2.2-29-g3c2b605-1_amd64.deb
230e502983037a5030232e5e5ff0b87e9c016ae5 272240 libgd-dev_2.2.2-29-g3c2b605-1_amd64.deb
259d95c8ce6ae63f0763659919f7364c8a96b0c3 37730 libgd-tools_2.2.2-29-g3c2b605-1_amd64.deb
6af004c776465bd3692e31d850e3c9ca62ac8cbc 133338 libgd3_2.2.2-29-g3c2b605-1_amd64.deb
Checksums-Sha256:
7a137f4bc72a1e15cc71c2a6198d2961aff1ba99095f44bd51aa7cd34cdd8ce1 2410 libgd2_2.2.2-29-g3c2b605-1.dsc
f327ede0051ec08041211a418c059970cc2ec4d9ad4a27b21bc150a0ca1ebcb1 1831552 libgd2_2.2.2-29-g3c2b605.orig.tar.xz
25b52a9a81615721bf2939c6b6fcc497034f15aafb9d9c8b64364dbd35754dcf 22728 libgd2_2.2.2-29-g3c2b605-1.debian.tar.xz
fe69d6e5f5b857e45c72de8382cc3678754b97ab7a3e244eda5eafa5fe17842f 301204 libgd-dbg_2.2.2-29-g3c2b605-1_amd64.deb
003784884bf863b28ba040aeb62935626ce8d071c94b293adaa82d99b5cbe18c 272240 libgd-dev_2.2.2-29-g3c2b605-1_amd64.deb
07dbfeb58119419e43a974b53e4f7563cd7950b443260fc9dafeb415d8f8ad9a 37730 libgd-tools_2.2.2-29-g3c2b605-1_amd64.deb
c4d3b1f8e1929d0382ef4aa234c98622c0f3f3b42473bbfae4f9066b9cf844db 133338 libgd3_2.2.2-29-g3c2b605-1_amd64.deb
Files:
a9ee064f12c19bde0a1795473794c6de 2410 graphics optional libgd2_2.2.2-29-g3c2b605-1.dsc
d2db003478d451b45886d9fa784aba62 1831552 graphics optional libgd2_2.2.2-29-g3c2b605.orig.tar.xz
db9b25e23bff75d6f6065f0d5483183a 22728 graphics optional libgd2_2.2.2-29-g3c2b605-1.debian.tar.xz
7275cc4972c01be8b2d67afa1c6c3664 301204 debug extra libgd-dbg_2.2.2-29-g3c2b605-1_amd64.deb
040a58abc161a54396b3c3ef3895d790 272240 libdevel optional libgd-dev_2.2.2-29-g3c2b605-1_amd64.deb
6b3b0d297458a536040e4e42dd324ef8 37730 graphics optional libgd-tools_2.2.2-29-g3c2b605-1_amd64.deb
051ae20be3e6012d5659afc769144400 133338 libs optional libgd3_2.2.2-29-g3c2b605-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQJ8BAEBCgBmBQJXh4S6XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw
Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsH84EQAKDWSF7edJ9LTBGf3MdRcHN+
/P8CdzScEzCrZ8o0euA+tAa3V8XjBbcsfLmKYjoLbAd31Jf2fDFGQS+dVnJHTdM6
oOlpNF53HVGjy7bvbUQFj52fFTQpH9RvdkycNiSZmexxw9mrFxh0x+uAuGEoEK2i
/u3LG6mhmnYYYZaPmaOcO0nXojpduBu82ovMOdk4oL9NqXS9vfWoiWevla45KjZC
b4GMI9YAgVbhd8nhUh8LGrPHX2uGRtTKz6rILeF79p6/mTTIW00cHK54iIoQxxm1
ZYi7VoJYwINOq0tKY+AqoJL5iTJqGzRiYGXr1srUGbRzm0ZDbgcgKInStEgWzhSk
31Eg2m83ZTauleL2yfv+h/g8yeLS0CiwIx1EaIT0DtNr7SKjW2BCb34m0r3hdt1e
xOP69ljgHAzVbai6jwFJkUpBLZe28xm4Me/MyMo3ao5zr2CwiU6Wjozu3w3hLLrS
Jbh5aquK5nH7qc9mWd8V4ve+RNkIdsuohwmdaKK3dFSqFdfxN+6grv+QmL2NB/k0
iq7uzaAdiVO3kGnZDQ+1aTidT3I4GABC8bgdWo09NSQZDsDbFLwrCb07d9yC5GBN
MFGgcTksGrI3XepjVIeH6jlz3bGb3QkZZOCOkTravVyDWmzhaa/qOGrf76fw1COa
gX6xmgnAKx2tRMmjZ4l6
=hUh9
-----END PGP SIGNATURE-----
Reply sent
to Ondřej Surý <ondrej@debian.org>:
You have taken responsibility.
(Sat, 16 Jul 2016 22:06:37 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Sat, 16 Jul 2016 22:06:37 GMT) (full text, mbox, link).
Message #15 received at 829062-close@bugs.debian.org (full text, mbox, reply):
Source: libgd2
Source-Version: 2.1.0-5+deb8u4
We believe that the bug you reported is fixed in the latest version of
libgd2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 829062@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ondřej Surý <ondrej@debian.org> (supplier of updated libgd2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 15 Jul 2016 15:02:40 +0200
Source: libgd2
Binary: libgd-tools libgd-dev libgd3 libgd-dbg libgd2-xpm-dev libgd2-noxpm-dev
Architecture: source amd64
Version: 2.1.0-5+deb8u4
Distribution: jessie-security
Urgency: high
Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description:
libgd-dbg - Debug symbols for GD Graphics Library
libgd-dev - GD Graphics Library (development version)
libgd-tools - GD command line tools and example code
libgd2-noxpm-dev - GD Graphics Library (transitional package)
libgd2-xpm-dev - GD Graphics Library (transitional package)
libgd3 - GD Graphics Library
Closes: 829014 829062 829694
Changes:
libgd2 (2.1.0-5+deb8u4) jessie-security; urgency=high
.
* [CVE-2016-5766]: Fix Integer Overflow in _gd2GetHeader() resulting in
heap overflow (Closes: #829014)
* [CVE-2016-6128]: Fix invalid color index not handled, can lead to
crash (Closes: #829062)
* [CVE-2016-6161]: Add upstream patch to fix gif: avoid out-of-bound
reads of masks array
* [CVE-2016-6132]: Fix out-of-bounds read in the parsing of TGA files
(Closes: #829694)
* [CVE-2016-6214]: Fix read out-of-bands was found in TGA
* [CVE-to-be-assigned]: Fix another out-of-bounds read in read_image_tga
(upstream #248)
* [CVE-2016-5116]: Fix xbm: avoid stack overflow (read) with large names
Checksums-Sha1:
ecd2566d277b728d92a2eade015a6eeb44652be2 2467 libgd2_2.1.0-5+deb8u4.dsc
31370d2bdc6b334791363958d00042676ed18c1e 42188 libgd2_2.1.0-5+deb8u4.debian.tar.xz
c612d05bec4d776dc251abbcd1fa4171b2db3980 42170 libgd-tools_2.1.0-5+deb8u4_amd64.deb
694fddad0afeca74252a7fa96e303469623e8a57 285990 libgd-dev_2.1.0-5+deb8u4_amd64.deb
cf5c751405d7ef91c0660b10661ac6e44f591650 147158 libgd3_2.1.0-5+deb8u4_amd64.deb
da96ddec0407ea5ee86f2b2d48ae77590c46b32b 312798 libgd-dbg_2.1.0-5+deb8u4_amd64.deb
3907816e7b17db029304207345db05a26ab62311 1226 libgd2-xpm-dev_2.1.0-5+deb8u4_amd64.deb
c54558be2a2fb692c3721066c0d5ae2fdaff9bfe 1234 libgd2-noxpm-dev_2.1.0-5+deb8u4_amd64.deb
Checksums-Sha256:
36f4108f39a7c0f94c3c6f7e82ded7fd97107a2ba562de53746e2cab3dfd149e 2467 libgd2_2.1.0-5+deb8u4.dsc
02d1970ea4764cea15586f5f9663cbfb20694f985f8bd50927912d481f1d61cc 42188 libgd2_2.1.0-5+deb8u4.debian.tar.xz
6f3d26ee2f2b3d4dbdef2e3c016ea8d961b4b2a8f11c9cb92fa5c9310fb7d3a6 42170 libgd-tools_2.1.0-5+deb8u4_amd64.deb
1a828e6d07c861f1664509f9b69c1cb976fa6500a32f44b042ecd7e3756c983a 285990 libgd-dev_2.1.0-5+deb8u4_amd64.deb
81c79acdb6280b5581f362e093447bb45b00b2cb12e08a2732a49f7ff98ecb4e 147158 libgd3_2.1.0-5+deb8u4_amd64.deb
ef6ad931e8cb4202914e916e0ddb8752c64092adae56d6fd84badb3f3385ab09 312798 libgd-dbg_2.1.0-5+deb8u4_amd64.deb
bdca1fb09a060f6855760cd8a61141b8c0edbb366f46935fae6c3798e04610c3 1226 libgd2-xpm-dev_2.1.0-5+deb8u4_amd64.deb
0d88e7dbe42220e4136b5cb72813a8b1538c2fb28d5f467268185f3893408cc9 1234 libgd2-noxpm-dev_2.1.0-5+deb8u4_amd64.deb
Files:
7406b8daef1a4a32288fb1917245e62b 2467 graphics optional libgd2_2.1.0-5+deb8u4.dsc
3f98fe92e5546e149a64c8c3a6cb175e 42188 graphics optional libgd2_2.1.0-5+deb8u4.debian.tar.xz
170f217cf2e9cc0c07c6303874565cec 42170 graphics optional libgd-tools_2.1.0-5+deb8u4_amd64.deb
480e518a04dbdf1675f35bf83901e104 285990 libdevel optional libgd-dev_2.1.0-5+deb8u4_amd64.deb
f3dc95517656c2ecb67811d1c5cf0f27 147158 libs optional libgd3_2.1.0-5+deb8u4_amd64.deb
449b6edc19c751a319c66671239d96ac 312798 debug extra libgd-dbg_2.1.0-5+deb8u4_amd64.deb
7cbc6eaf10cf3847c139baa6887b0644 1226 oldlibs extra libgd2-xpm-dev_2.1.0-5+deb8u4_amd64.deb
e530298ac8fc56048d092f1aa1c67f2d 1234 oldlibs extra libgd2-noxpm-dev_2.1.0-5+deb8u4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQJ8BAEBCgBmBQJXiOAoXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw
Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsHMKIP/01h981oZSck38eG1cSfGUnf
lIfC+JCADXSdEGP2lf0iVDnLteRDaopB7wCMUM1GbVrwxDOz4rsZxwC6pxz89iuv
/ht0SPzxaSKpz0SQ5UEi/tOno2aDFfgFW9G8Cp/la96ipcMGYzcpUqyB+TXliL5G
iAa6J7msxesgQ+4IUNrnLE+gqLyPEgP3Wga171lDf5AGd0BF+wD+I6oG4dBbW2VI
TTHM3qi69SsNFPB7GQx88n0ZHJaukmPLmRq1LOB4mvv1R6qlxTzNvaO4K6mkzcCi
il7MMEN7RKcoTCSRO4useHZy2q1oViZdcnU9d56iqDeirokaNK07wF562M1/lqzb
ovXUcjh4MiILTA3alx0Z70Vmtv11ROamHPQApjiD5PbFnj1mCjiNYfrjRtKmCIQL
dv7x0nsUerGVJxqmyuhLVah5zMIPQafQMwqSSm0BLDscgtkeVUxpTUn06wVFReJi
0znG53cztxdDN09+ULGie2JyLp3egOjM+ZK3w0sjhMUuCZ7Dm2ZZ4eKrGOVCJ2I6
6ZbitGLOgUfWdEEpuyqduHlfgutQg8EySFEh81T9ZV9iW00XMne+H89BTsFNkpFB
zWD7zy7Wcb+8llyQuH4U1zp0z5M8A7/y+IYmSbffaHI8mDDr0XsAzpKzXAbi7rtZ
b9TOaT/yuTI3m8hnoTOY
=gJe0
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Tue, 30 Aug 2016 07:31:47 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:38:40 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon