Debian Bug report logs - #931311
libsixel: Multiple security issues (CVE-2018-19756 CVE-2018-19757 CVE-2018-19759 CVE-2018-19761 CVE-2018-19762 CVE-2018-19763)
Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, NOKUBI Takatsugu <knok@daionet.gr.jp>: Bug#931311; Package libsixel. (Mon, 01 Jul 2019 13:27:04 GMT)
Acknowledgement sent to Sylvain Beucler <beuc@beuc.net>: New Bug report received and forwarded. Copy sent to team@security.debian.org, NOKUBI Takatsugu <knok@daionet.gr.jp>. (Mon, 01 Jul 2019 13:27:04 GMT)
Message #5 received at submit@bugs.debian.org:
Package: libsixel
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerabilities were published for libsixel.
AFAICS upstream didn't act on them yet (see issues links).
CVE-2018-19756[0]:
| There is a heap-based buffer over-read at stb_image.h (function:
| stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service.

CVE-2018-19757[1]:
| There is a NULL pointer dereference at function
| sixel_helper_set_additional_message (status.c) in libsixel 1.8.2 that
| will cause a denial of service.

CVE-2018-19759[2]:
| There is a heap-based buffer over-read at stb_image_write.h (function:
| stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of
| service.

CVE-2018-19761[3]:
| There is an illegal address access at fromsixel.c (function:
| sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of
| service.

CVE-2018-19762[4]:
| There is a heap-based buffer overflow at fromsixel.c (function:
| image_buffer_resize) in libsixel 1.8.2 that will cause a denial of
| service or possibly unspecified other impact.

CVE-2018-19763[5]:
| There is a heap-based buffer over-read at writer.c (function:
| write_png_to_file) in libsixel 1.8.2 that will cause a denial of
| service.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-19756
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19756
    https://github.com/saitoha/libsixel/issues/80
[1] https://security-tracker.debian.org/tracker/CVE-2018-19757
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19757
    https://github.com/saitoha/libsixel/issues/79
[2] https://security-tracker.debian.org/tracker/CVE-2018-19759
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19759
    https://github.com/saitoha/libsixel/issues/77
[3] https://security-tracker.debian.org/tracker/CVE-2018-19761
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19761
    https://github.com/saitoha/libsixel/issues/78
[4] https://security-tracker.debian.org/tracker/CVE-2018-19762
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19762
    https://github.com/saitoha/libsixel/issues/81
[5] https://security-tracker.debian.org/tracker/CVE-2018-19763
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19763
    https://github.com/saitoha/libsixel/issues/82
Please adjust the affected versions in the BTS as needed.
Cheers!
Sylvain Beucler, Debian LTS team
Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Mon, 01 Jul 2019 19:09:02 GMT)
Last modified: Tue Jul 2 11:20:20 2019