graphicsmagick: CVE-2017-11722

Debian Bug report logs - #870158
graphicsmagick: CVE-2017-11722


Reported by: Markus Koschany <apo@debian.org>

Date: Sun, 30 Jul 2017 14:21:02 UTC

Severity: grave

Tags: security, upstream

Found in version graphicsmagick/1.3.26-3

Fixed in version graphicsmagick/1.3.26-4

Done: Laszlo Boszormenyi (GCS) <gcs@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>:
Bug#870149; Package graphicsmagick. (Sun, 30 Jul 2017 14:21:05 GMT).


Acknowledgement sent to Markus Koschany <apo@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>. (Sun, 30 Jul 2017 14:21:05 GMT).


Message #5 received at submit@bugs.debian.org:

From: Markus Koschany <apo@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2017-11636, CVE-2017-11637, CVE-2017-11638, CVE-2017-11641, CVE-2017-11642, CVE-2017-11643, CVE-2017-11722
Date: Sun, 30 Jul 2017 16:19:05 +0200
Package: graphicsmagick
X-Debbugs-CC: team@security.debian.org secure-testing-team@lists.alioth.debian.org
Severity: grave
Tags: security

Hi,

the following vulnerabilities were published for graphicsmagick.

CVE-2017-11636[0]:
| GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage()
| function in coders/rgb.c when processing multiple frames that have
| non-identical widths.

CVE-2017-11637[1]:
| GraphicsMagick 1.3.26 has a NULL pointer dereference in the
| WritePCLImage() function in coders/pcl.c during writes of monochrome
| images.

CVE-2017-11638[2]:
| GraphicsMagick 1.3.26 has a segmentation violation in the
| WriteMAPImage() function in coders/map.c when processing a
| non-colormapped image, a different vulnerability than CVE-2017-11642.

CVE-2017-11641[3]:
| GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in
| magick/pixel_cache.c during writing of Magick Persistent Cache (MPC)
| files.

CVE-2017-11642[4]:
| GraphicsMagick 1.3.26 has a NULL pointer dereference in the
| WriteMAPImage() function in coders/map.c when processing a
| non-colormapped image, a different vulnerability than CVE-2017-11638.

CVE-2017-11643[5]:
| GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage()
| function in coders/cmyk.c when processing multiple frames that have
| non-identical widths.

CVE-2017-11722[6]:
| The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26
| allows remote attackers to cause a denial of service (out-of-bounds
| read and application crash) via a crafted file, because the program's
| actual control flow was inconsistent with its indentation. This
| resulted in a logging statement executing outside of a loop, and
| consequently using an invalid array index corresponding to the loop's
| exit condition.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-11636
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11636
[1] https://security-tracker.debian.org/tracker/CVE-2017-11637
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11637
[2] https://security-tracker.debian.org/tracker/CVE-2017-11638
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11638
[3] https://security-tracker.debian.org/tracker/CVE-2017-11641
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11641
[4] https://security-tracker.debian.org/tracker/CVE-2017-11642
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11642
[5] https://security-tracker.debian.org/tracker/CVE-2017-11643
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11643
[6] https://security-tracker.debian.org/tracker/CVE-2017-11722
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11722

Please adjust the affected versions in the BTS as needed.

Regards,

Markus

[signature.asc (application/pgp-signature, attachment)]
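
The CVE-2017-11722 description above attributes the out-of-bounds read to control flow that did not match the indentation. The C sketch below is an added illustration of that bug class beside its braced fix; it is not the GraphicsMagick code or its patch, and the function names, the table and the guard value are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed data: four valid entries plus a guard slot standing in for
   whatever memory lies just past the logical end of the array. */
#define ENTRIES 4
#define GUARD   0xDEADu
static const unsigned table[ENTRIES + 1] = { 10, 20, 30, 40, GUARD };

/* Silenced only so the demo builds cleanly; without these pragmas GCC's
   -Wmisleading-indentation (enabled by -Wall) flags the flawed line. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wmisleading-indentation"
/* Flawed: no braces, so only the first statement is the loop body. The
   "log" line looks like loop body but runs once, after exit, with i == n. */
unsigned log_entries_flawed(const unsigned *t, size_t n, unsigned *sum)
{
    size_t i;
    unsigned logged = 0;
    for (i = 0; i < n; i++)
        *sum += t[i];
        logged = t[i];          /* reads t[n]: one past the last valid entry */
    return logged;
}
#pragma GCC diagnostic pop

/* Fixed: braces make the control flow match the indentation, so the index
   used by the "log" line is always below n. */
unsigned log_entries_fixed(const unsigned *t, size_t n, unsigned *sum)
{
    size_t i;
    unsigned logged = 0;
    for (i = 0; i < n; i++) {
        *sum += t[i];
        logged = t[i];
    }
    return logged;
}

int main(void)
{
    unsigned s1 = 0, s2 = 0;
    printf("flawed logs 0x%X\n", log_entries_flawed(table, ENTRIES, &s1));
    printf("fixed  logs %u\n", log_entries_fixed(table, ENTRIES, &s2));
    return 0;
}
```

Building with `-Wall -Werror` and the pragmas removed turns this class of mistake into a compile failure.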

Information forwarded to debian-bugs-dist@lists.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>:
Bug#870149; Package graphicsmagick. (Sun, 30 Jul 2017 14:33:04 GMT).


Acknowledgement sent to László Böszörményi (GCS) <gcs@debian.org>:
Extra info received and forwarded to list. Copy sent to Laszlo Boszormenyi (GCS) <gcs@debian.org>. (Sun, 30 Jul 2017 14:33:05 GMT).


Message #10 received at 870149@bugs.debian.org:

From: László Böszörményi (GCS) <gcs@debian.org>
To: Markus Koschany <apo@debian.org>, 870149@bugs.debian.org
Subject: Re: Bug#870149: CVE-2017-11636, CVE-2017-11637, CVE-2017-11638, CVE-2017-11641, CVE-2017-11642, CVE-2017-11643, CVE-2017-11722
Date: Sun, 30 Jul 2017 16:30:27 +0200
Hi Markus,

On Sun, Jul 30, 2017 at 4:19 PM, Markus Koschany <apo@debian.org> wrote:
> Package: graphicsmagick
> Severity: grave
> Tags: security
[...]
> the following vulnerabilities were published for graphicsmagick.
 Thanks for the heads-up - all of these are in the tracker since 26th
of July, committed by Salvatore (carnil), right?

Regards,
Laszlo/GCS



Information forwarded to debian-bugs-dist@lists.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>:
Bug#870149; Package graphicsmagick. (Sun, 30 Jul 2017 14:39:03 GMT).


Acknowledgement sent to Markus Koschany <apo@debian.org>:
Extra info received and forwarded to list. Copy sent to Laszlo Boszormenyi (GCS) <gcs@debian.org>. (Sun, 30 Jul 2017 14:39:03 GMT).


Message #15 received at 870149@bugs.debian.org:

From: Markus Koschany <apo@debian.org>
To: László Böszörményi (GCS) <gcs@debian.org>
Cc: 870149@bugs.debian.org
Subject: Re: Bug#870149: CVE-2017-11636, CVE-2017-11637, CVE-2017-11638, CVE-2017-11641, CVE-2017-11642, CVE-2017-11643, CVE-2017-11722
Date: Sun, 30 Jul 2017 16:34:10 +0200
Hi László,

On 30.07.2017 at 16:30, László Böszörményi (GCS) wrote:
> Hi Markus,
> 
> On Sun, Jul 30, 2017 at 4:19 PM, Markus Koschany <apo@debian.org> wrote:
>> Package: graphicsmagick
>> Severity: grave
>> Tags: security
> [...]
>> the following vulnerabilities were published for graphicsmagick.
>  Thanks for the heads-up - all of these are in the tracker since 26th
> of July, committed by Salvatore (carnil), right?
> 
> Regards,
> Laszlo/GCS

Right. I just wanted to make sure that we track these new issues with a bug report. Have a nice weekend.

Regards,

Markus



[signature.asc (application/pgp-signature, attachment)]

Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sun, 30 Jul 2017 15:45:04 GMT).


Marked as found in versions graphicsmagick/1.3.26-3. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sun, 30 Jul 2017 15:54:03 GMT).


Bug 870149 cloned as bugs 870153, 870154, 870155, 870156, 870157, 870158. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sun, 30 Jul 2017 15:57:02 GMT).


Changed Bug title to 'graphicsmagick: CVE-2017-11722' from 'CVE-2017-11636, CVE-2017-11637, CVE-2017-11638, CVE-2017-11641, CVE-2017-11642, CVE-2017-11643, CVE-2017-11722'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sun, 30 Jul 2017 15:57:06 GMT).


Reply sent to Laszlo Boszormenyi (GCS) <gcs@debian.org>:
You have taken responsibility. (Sun, 30 Jul 2017 21:09:15 GMT).


Notification sent to Markus Koschany <apo@debian.org>:
Bug acknowledged by developer. (Sun, 30 Jul 2017 21:09:15 GMT).


Message #28 received at 870158-close@bugs.debian.org:

From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
To: 870158-close@bugs.debian.org
Subject: Bug#870158: fixed in graphicsmagick 1.3.26-4
Date: Sun, 30 Jul 2017 21:04:22 +0000
Source: graphicsmagick
Source-Version: 1.3.26-4

We believe that the bug you reported is fixed in the latest version of
graphicsmagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 870158@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <gcs@debian.org> (supplier of updated graphicsmagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 30 Jul 2017 18:47:55 +0000
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.26-4
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick-q16-3 - format-independent image processing - C shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
Closes: 870149 870153 870154 870155 870156 870157 870158
Changes:
 graphicsmagick (1.3.26-4) unstable; urgency=high
 .
   * Fix CVE-2017-11643: heap overflow in the WriteCMYKImage() function
     (closes: #870157).
   * Fix CVE-2017-11636: heap overflow in the WriteRGBImage() function
     (closes: #870149).
   * Fix CVE-2017-11638 and CVE-2017-11642: null pointer dereference or SEGV if
     input is not colormapped (closes: #870154, #870156).
   * Fix CVE-2017-11641: memory leak while writing Magick Persistent Cache
     format (closes: #870155).
   * Fix CVE-2017-11637: NULL pointer dereference in the WritePCLImage()
     function (closes: #870153).
   * Fix CVE-2017-11722:  denial of service via a crafted file
     (closes: #870158).
   * Remove autotools-dev and dh-autoreconf build dependencies.

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 29 Aug 2017 07:27:47 GMT).




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:07:01 2019; Machine Name: beach
