Bug 1047494
| Summary: | Fix for CVE-2013-6045 breaks decoding of chroma-subsampled images | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Olle Eriksson <olle> | |
| Component: | openjpeg | Assignee: | Petr Hracek <phracek> | |
| Status: | CLOSED ERRATA | QA Contact: | Filip Holec <fholec> | |
| Severity: | high | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 6.5 | CC: | adam, bgilbert, cww, dkutalek, fholec, hmiles, mmcallis, mmello, ovasik, psplicha, rdieter | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | openjpeg-1.3-11.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1207473 (view as bug list) | Environment: | ||
| Last Closed: | 2014-12-17 09:26:57 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 994246, 1075802, 1159820, 1159926 | |||
|
Description
Olle Eriksson
2013-12-31 11:17:47 UTC
Reassigning to openjpeg. The OpenJPEG patch for CVE-2013-6045 disables decoding of images whose first color component has a higher resolution than subsequent components. This is a legitimate image encoding; consider, for example, YCbCr images with chroma subsampling. This change is preventing OpenSlide from decoding certain Aperio slide files (example slide at [1]). For example, consider p0_06.j2k from the OpenJPEG test suite [2]. With 1.3-9.el6_3: $ j2k_to_image -i p0_06.j2k -o out.ppm [INFO] tile 1 of 1 [INFO] - tiers-1 took 0.020997 s [INFO] - dwt took 0.002000 s [INFO] - tile decoded in 0.027995 s PNM CONVERSION: Truncating component 0 from 12 bits to 8 bits PNM CONVERSION: Truncating component 1 from 12 bits to 8 bits PNM CONVERSION: Truncating component 2 from 12 bits to 8 bits PNM CONVERSION: Truncating component 3 from 12 bits to 8 bits Generated Outfile out.ppm With 1.3-10.el6_5, the same command produces: [INFO] tile 1 of 1 [ERROR] Error decoding tile. Component 1 contains only 33153 blocks while component 0 has 66177 blocks ERROR -> j2k_to_image: failed to decode image! [1]: http://openslide.cs.cmu.edu/download/openslide-testdata/Aperio/JP2K-33003-1.svs [2]: http://openjpeg.googlecode.com/svn/data/input/conformance/p0_06.j2k The Debian bug has an ongoing discussion about this issue: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734238 (In reply to Murray McAllister from comment #3) > The Debian bug has an ongoing discussion about this issue: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734238 I missed the "See Also". Sorry for the noise/duplicate Debian has released updated packages that fix this problem: https://lists.debian.org/debian-security-announce/2014/msg00090.html The corrected patch is in the Debian bug. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2014-2001.html The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |