exiv2: CVE-2018-12265

Debian Bug report logs - #901706
exiv2: CVE-2018-12265

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: exiv2: CVE-2018-12265

Date: Sun, 17 Jun 2018 08:31:49 +0200

Source: exiv2
Version: 0.25-3.1
Severity: important
Tags: security upstream
Forwarded: https://github.com/Exiv2/exiv2/issues/365

Hi,

The following vulnerability was published for exiv2.

CVE-2018-12265[0]:
| Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in
| preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in
| basicio.cpp.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-12265
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265
[1] https://github.com/Exiv2/exiv2/issues/365

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Message #12 received at 901706-close@bugs.debian.org (full text, mbox, reply):

From: Maximiliano Curia <maxy@debian.org>

To: 901706-close@bugs.debian.org

Subject: Bug#901706: fixed in exiv2 0.25-4

Date: Thu, 28 Jun 2018 16:19:43 +0000

Source: exiv2
Source-Version: 0.25-4

We believe that the bug you reported is fixed in the latest version of
exiv2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901706@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Maximiliano Curia <maxy@debian.org> (supplier of updated exiv2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 28 Jun 2018 18:05:24 +0200
Source: exiv2
Binary: exiv2 libexiv2-14 libexiv2-dev libexiv2-doc
Architecture: source
Version: 0.25-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Maximiliano Curia <maxy@debian.org>
Description:
 exiv2      - EXIF/IPTC/XMP metadata manipulation tool
 libexiv2-14 - EXIF/IPTC/XMP metadata manipulation library
 libexiv2-dev - EXIF/IPTC/XMP metadata manipulation library - development files
 libexiv2-doc - EXIF/IPTC/XMP metadata manipulation library - HTML documentation
Closes: 901706 901707
Changes:
 exiv2 (0.25-4) unstable; urgency=medium
 .
   [ Roberto C. Sanchez ]
   * CVE-2018-10958: denial of service through memory exhaustion and
     application crash by a crafted PNG image.
   * CVE-2018-10999: a heap-based buffer over-read via a crafted PNG image.
   * CVE-2018-10998: denial of service through memory exhaustion and
     application crash by a crafted image.
   * CVE-2018-11531: a heap-based buffer overflow and application crash by a
     crafted image.
   * CVE-2018-12264: integer overflow leading to out of bounds read by a
     crafted image. (Closes: #901707)
   * CVE-2018-12265: integer overflow leading to out of bounds read by a
     crafted image. (Closes: #901706)
 .
   [ Maximiliano Curia ]
   * Bump debhelper build-dep and compat to 11
   * Bump to Standards-Version 4.1.4
   * Update Vcs fields
   * Migrate to automatic dbgsym packages
   * Drop parallel and autotools_dev from dh call
   * Update watch file
   * Release to unstable
Checksums-Sha1:
 80ee36cc670b30382d795e0e43071ff40daac3a6 2237 exiv2_0.25-4.dsc
 5a2a810137b3cc0b921300eda8cd8e5a446267c6 26800 exiv2_0.25-4.debian.tar.xz
 3cdf36daa348335c38ddc2752895d8f0584990e0 7783 exiv2_0.25-4_source.buildinfo
Checksums-Sha256:
 144b9d823f69b93737dee5567d4483e1cb24654bf6f2f48fd0e8cd04bf204fe8 2237 exiv2_0.25-4.dsc
 21eb7f23d4e56afbd802c931fbc805ddec488b85be074972d15eaf8b1af0e936 26800 exiv2_0.25-4.debian.tar.xz
 0730e3a518b9e50f9eade71b7171efdcc0164a1fd8c3d0748a38f7a85f953d59 7783 exiv2_0.25-4_source.buildinfo
Files:
 5284f473af5414e346fa8575f1eb8d5e 2237 graphics optional exiv2_0.25-4.dsc
 efe097b65e2c735a5a283be5254a3e23 26800 graphics optional exiv2_0.25-4.debian.tar.xz
 22b2cadfb3a12118e3f7d135b292a902 7783 graphics optional exiv2_0.25-4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE+JIdOnQEyG4RNSIVxxl2mbKbIyoFAls1B6kACgkQxxl2mbKb
Iyot9RAAsyHIJZ0U3LPAEL0eO/oXkQoHOetMjqLf4dVwkHxnJVX9VMrbIU+FkHcC
qnqcJoFEzMCQMI1Dz2TMV5LutSQRnro/TErbHuhp5yRbVFJJjAbnh0u/sC/RBf30
wt5stsbMuXK7mA1XZiXMq4uCoRk2bTRtt/f9MoEbjV/P9ase/V9HYhDk+8ympqAu
4orI/C7OP9lA1OHRPB01UsmXb4vze2YYilrRhmNua5aeqdTN9iLeLQuobQg0yNl+
6iwT1QV3HD5FQfn5GTFOvF4xeTqUZwtQY0dJWPUVvMbqhEs6dHL2x3WaCmdhL3XX
MzqtnDSOy1NeXluVswjlPa7YgQtkuWibZ5OwaPP1DPVpoofI32luVqQXlCDlyiFj
+BPM4JHTme9ETpKhuUmaQeVRISnUXZf+9Oqpu4gLoG5AMyJ95uEHBCQ2bV1y2ITQ
yChvyquBiiPGmLR78zlDoHxgXJ8q0MsLIDVqC45gGG4+O2Z9u8ziu26G0zdeL9hA
FnN8Hl3YmykjUx01nGaMdmC5nwqO3DjOzboOP8b4BJfoRHUfBlKXFww8AjRvs7sE
UXcvNgilfqeX/l/M4bSvHQE9nBYa4gV78tY4hxBC8RLzWkfXgibB3EbAqhXUFFVM
xgOxus8oi3cOVY8hiLqznwkKoU18Lm+6aR0sZ24CrJxhmwagnu0=
=28Rh
-----END PGP SIGNATURE-----

Message #17 received at 901706-close@bugs.debian.org (full text, mbox, reply):

From: roberto@debian.org (Roberto C. Sanchez)

To: 901706-close@bugs.debian.org

Subject: Bug#901706: fixed in exiv2 0.25-3.1+deb9u1

Date: Wed, 04 Jul 2018 20:47:11 +0000

Source: exiv2
Source-Version: 0.25-3.1+deb9u1

We believe that the bug you reported is fixed in the latest version of
exiv2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 901706@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Roberto C. Sanchez <roberto@debian.org> (supplier of updated exiv2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 27 Jun 2018 08:09:36 -0400
Source: exiv2
Binary: exiv2 libexiv2-14 libexiv2-dev libexiv2-doc libexiv2-dbg
Architecture: source amd64 all
Version: 0.25-3.1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Description:
 exiv2      - EXIF/IPTC/XMP metadata manipulation tool
 libexiv2-14 - EXIF/IPTC/XMP metadata manipulation library
 libexiv2-dbg - EXIF/IPTC/XMP metadata manipulation library - debug
 libexiv2-dev - EXIF/IPTC/XMP metadata manipulation library - development files
 libexiv2-doc - EXIF/IPTC/XMP metadata manipulation library - HTML documentation
Closes: 901706 901707
Changes:
 exiv2 (0.25-3.1+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2018-10958: denial of service through memory exhaustion and
     application crash by a crafted PNG image.
   * CVE-2018-10999: a heap-based buffer over-read via a crafted PNG image.
   * CVE-2018-10998: denial of service through memory exhaustion and
     application crash by a crafted image.
   * CVE-2018-11531: a heap-based buffer overflow and application crash by a
     crafted image.
   * CVE-2018-12264: integer overflow leading to out of bounds read by a
     crafted image. (Closes: #901707)
   * CVE-2018-12265: integer overflow leading to out of bounds read by a
     crafted image. (Closes: #901706)
Checksums-Sha1:
 0c37645bf6bf7c74e761ab1569e9621a8eba75fe 2304 exiv2_0.25-3.1+deb9u1.dsc
 adb8ffe63916e7c27bda9792e690d1330ec7273d 5434325 exiv2_0.25.orig.tar.gz
 38f74c4d2371e66116f3955a164a058ce38fdeb6 26540 exiv2_0.25-3.1+deb9u1.debian.tar.xz
 72aae5add7dc6feea92b22179e07bc0b36d3c2b8 9284 exiv2_0.25-3.1+deb9u1_amd64.buildinfo
 655f2b9c182d89e8b828913fa674a216b1a7262a 108374 exiv2_0.25-3.1+deb9u1_amd64.deb
 d7d2d94af492125d854e72ddde07539e93cfc1be 711486 libexiv2-14_0.25-3.1+deb9u1_amd64.deb
 a9616d929920ca54a991ae8651438b355059d43d 6259034 libexiv2-dbg_0.25-3.1+deb9u1_amd64.deb
 bfebbb866f466626d5c6696afa89c1ebf5976edc 7525488 libexiv2-dev_0.25-3.1+deb9u1_amd64.deb
 9cdb4c88984de048de54e88b97c60a8e8479fd9e 20172172 libexiv2-doc_0.25-3.1+deb9u1_all.deb
Checksums-Sha256:
 2b6c0b81178506feab3c69724a42443200fe5aa91665028a7aa1618e39fab607 2304 exiv2_0.25-3.1+deb9u1.dsc
 c80bfc778a15fdb06f71265db2c3d49d8493c382e516cb99b8c9f9cbde36efa4 5434325 exiv2_0.25.orig.tar.gz
 2a24fa184ae4a38b1d1292c3286f089100b626ae056355de8c5be73ba0e4b0b8 26540 exiv2_0.25-3.1+deb9u1.debian.tar.xz
 1170947777585eb5f3a12c671535e9beaddaec9bad257af5a0e2a07ca3255d6b 9284 exiv2_0.25-3.1+deb9u1_amd64.buildinfo
 00c06e973d12a68495389a2910201a9a92bb1ac5d5abf64c17ce7754b69b5a85 108374 exiv2_0.25-3.1+deb9u1_amd64.deb
 390c2b760f3305279d5234a11fb65d25679d5ef34d7ed18061f7399faaaabcec 711486 libexiv2-14_0.25-3.1+deb9u1_amd64.deb
 daeae9d88228bb78b083235069666929384710b3a13d2abeb9706447f3404883 6259034 libexiv2-dbg_0.25-3.1+deb9u1_amd64.deb
 45332ef636b894a8acdd0228e7ed6354814e51dd7790aa97ab286c018a201eed 7525488 libexiv2-dev_0.25-3.1+deb9u1_amd64.deb
 090f6efc576d3dae31426781fce20f91c6151ce400203b679f67931f4bd3d5ba 20172172 libexiv2-doc_0.25-3.1+deb9u1_all.deb
Files:
 4c377d1c6ca4d94a36d6db1b1a3e882e 2304 graphics optional exiv2_0.25-3.1+deb9u1.dsc
 258d4831b30f75a01e0234065c6c2806 5434325 graphics optional exiv2_0.25.orig.tar.gz
 8c6d5de6827f13177285925913140b3d 26540 graphics optional exiv2_0.25-3.1+deb9u1.debian.tar.xz
 1f9c6bd0c277f63844244036ad47bc3a 9284 graphics optional exiv2_0.25-3.1+deb9u1_amd64.buildinfo
 a6a28ec4edad97944f4be78d70ba6036 108374 graphics optional exiv2_0.25-3.1+deb9u1_amd64.deb
 f22d1202cd7c0f5445f958554a27c631 711486 libs optional libexiv2-14_0.25-3.1+deb9u1_amd64.deb
 ba1e096ed59b3d384e325644a00f7507 6259034 debug extra libexiv2-dbg_0.25-3.1+deb9u1_amd64.deb
 3d43e9402856d0ecadb3166fcfdc7264 7525488 libdevel optional libexiv2-dev_0.25-3.1+deb9u1_amd64.deb
 ec53ca2c02b71894159276666f481d95 20172172 doc optional libexiv2-doc_0.25-3.1+deb9u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAls32jQACgkQLNd4Xt2n
sg/zRQ/+LCqNOWBnPiKQzwMKSfeVPgrIk/9vcbDnLFBeXd9WTZv1Z+I/7lvRAoxI
DXYjI/fMhAXSNcWdDzL+Uzk5rUF8c8DX/6gemHSS83Z/luj4pleS+nQRP0Vx6Llh
OE3g0FeH3NDEYb+uzSLxqCmtI+9m2CR8XBrjywupJSbU1gVs7BSp9Ino+0Xm3LIx
f7iYJH4sBAf2mjIe+KAVQNJ7i4dtst53XYU9VOXFBnFWnBeFxHtH4Z3JrQ/OPPf+
lnFcnRaj4wYJGQgJMS12k0Y3lR9NkhwlnUmGflMX2MYRnUkFqr6ZlC9UpMIM9sLp
53/jgRzZC7ZL8f/UHIVDcxT3MYwoQC8GwRKFItVO+3H+S9/xaXk9bJIgj5jM7l51
kJznznABmUAf0dgAT4kej2XH135CkHq+ub+qtwgKoHfajHqK+lHSesZbnFc6nAf8
IhTRY5kAN6DsKN+X88kDi2Gve4uE/2Ko2jIFL0E9AgYM1SBKvDDPSkbzCuXl/XOb
1gbHTUWAFshkEe4y45oBCGCLon2jsGAroxVltF7ZvlUG7+3jSbGDf91eTtkH6RGt
Q7WRdX0b7lEoLVu2hiBxJdks8gTHJdZqut+T8WiMKMZOOhPAWoNHQqhs4ueTB/Ab
suJM6pNEbt1It59Y0THi5gXeM1YOoMU1aXaEoWVix2sxoWS8JOw=
=y6eR
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.