Debian Bug report logs - #907983
lcms2: CVE-2018-16435


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Tue, 4 Sep 2018 19:09:02 UTC

Severity: grave

Tags: patch, security, upstream

Found in version lcms2/2.8-4

Fixed in versions lcms2/2.8-4+deb9u1, lcms2/2.9-3

Done: Thomas Weber <tweber@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://github.com/mm2/Little-CMS/issues/171



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, team@security.debian.org, Thomas Weber <tweber@debian.org>:
Bug#907983; Package src:lcms2. (Tue, 04 Sep 2018 19:09:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, team@security.debian.org, Thomas Weber <tweber@debian.org>. (Tue, 04 Sep 2018 19:09:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: lcms2: CVE-2018-16435
Date: Tue, 04 Sep 2018 21:08:25 +0200
Source: lcms2
Version: 2.8-4
Severity: grave
Tags: patch security upstream
Forwarded: https://github.com/mm2/Little-CMS/issues/171
Control: fixed -1 2.8-4+deb9u1

Hi,

The following vulnerability was published for lcms2.

CVE-2018-16435[0]:
| Little CMS (aka Little Color Management System) 2.9 has an integer
| overflow in the AllocateDataSet function in cmscgats.c, leading to a
| heap-based buffer overflow in the SetData function via a crafted file
| in the second argument to cmsIT8LoadFromFile.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-16435
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16435
[1] https://github.com/mm2/Little-CMS/commit/768f70ca405cd3159d990e962d54456773bb8cf8
[2] https://github.com/mm2/Little-CMS/issues/171

Please adjust the affected versions in the BTS as needed, already
added the fixed version for the pending DSA upload.

Regards,
Salvatore
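As an added illustration (not lcms2 code and not the upstream patch), the following shows the arithmetic pattern the CVE text describes: two parser-controlled counts (NUMBER_OF_FIELDS and NUMBER_OF_SETS) multiplied in 32-bit arithmetic wrap to a tiny allocation, after which index checks against the original counts no longer protect the heap buffer. The checked variant beside it rejects negative or oversized counts and verifies each multiplication in size_t; the function names and the 0x7ffe cap are assumptions for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Unchecked size of the (nPatches+1) x (nSamples+1) table of char* cells.
 * With counts taken straight from a crafted IT8 file, the 32-bit product
 * wraps: 65536 * 65536 == 0 (mod 2^32), so the allocation is far smaller
 * than the indices later used by SetData-style code would require. */
uint32_t it8_data_bytes_unchecked(int nSamples, int nPatches)
{
    return ((uint32_t)nSamples + 1) * ((uint32_t)nPatches + 1)
           * (uint32_t)sizeof(char *);
}

/* Hardened size computation (hypothetical helper): returns the byte count,
 * or 0 when the counts are negative, exceed an illustrative cap, or would
 * overflow size_t. A valid table is never 0 bytes, so 0 is a safe sentinel. */
size_t it8_data_bytes_checked(int nSamples, int nPatches)
{
    const size_t kMaxCount = 0x7ffe;   /* assumed cap on fields / sets */
    if (nSamples < 0 || nPatches < 0) return 0;
    if ((size_t)nSamples > kMaxCount || (size_t)nPatches > kMaxCount) return 0;

    size_t cols = (size_t)nSamples + 1;
    size_t rows = (size_t)nPatches + 1;
    if (rows > SIZE_MAX / cols) return 0;            /* rows * cols overflow */
    size_t cells = rows * cols;
    if (cells > SIZE_MAX / sizeof(char *)) return 0; /* cells * ptr overflow */
    return cells * sizeof(char *);
}

/* Allocate the table only when the checked size computation succeeds;
 * callers treat NULL as "reject this file" rather than continuing. */
char **it8_alloc_table(int nSamples, int nPatches)
{
    size_t bytes = it8_data_bytes_checked(nSamples, nPatches);
    if (bytes == 0) return NULL;
    return (char **)calloc(1, bytes);
}
```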



Marked as fixed in versions lcms2/2.8-4+deb9u1. Request was from Salvatore Bonaccorso <carnil@debian.org> to submit@bugs.debian.org. (Tue, 04 Sep 2018 19:09:04 GMT)


Reply sent to Thomas Weber <tweber@debian.org>:
You have taken responsibility. (Wed, 05 Sep 2018 16:39:03 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Wed, 05 Sep 2018 16:39:03 GMT)


Message #12 received at 907983-close@bugs.debian.org:

From: Thomas Weber <tweber@debian.org>
To: 907983-close@bugs.debian.org
Subject: Bug#907983: fixed in lcms2 2.9-3
Date: Wed, 05 Sep 2018 16:34:33 +0000
Source: lcms2
Source-Version: 2.9-3

We believe that the bug you reported is fixed in the latest version of
lcms2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 907983@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Weber <tweber@debian.org> (supplier of updated lcms2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Wed, 05 Sep 2018 17:59:06 +0200
Source: lcms2
Binary: liblcms2-dev liblcms2-2 liblcms2-utils
Architecture: source amd64
Version: 2.9-3
Distribution: unstable
Urgency: medium
Maintainer: Thomas Weber <tweber@debian.org>
Changed-By: Thomas Weber <tweber@debian.org>
Description:
 liblcms2-2 - Little CMS 2 color management library
 liblcms2-dev - Little CMS 2 color management library development headers
 liblcms2-utils - Little CMS 2 color management library (utilities)
Closes: 907983
Changes:
 lcms2 (2.9-3) unstable; urgency=medium
 .
   * Fix integer overflow in AllocateDataSet() (CVE-2018-16435)
     Thanks to Salvatore Bonaccorso <carnil@debian.org> and
     Marti Maria <marti.maria@littlecms.com>
     (Closes: #907983)
Checksums-Sha1:
Checksums-Sha256:
Files:





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 11 Nov 2018 07:34:39 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 13:47:31 2019; Machine Name: beach
