Bug 491853 (CVE-2009-0792)

Summary: CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: kreilly, limburgher, mbacovsk, mjc, security-response-team, twaugh
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: source=redhat,impact=moderate,reported=20090320,public=20090408,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-07-13 10:26:22 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On: 491854, 491855, 491856, 491857, 491858, 495915, 495916, 495917    
Bug Blocks:    
Attachments:
Description Flags
Updated ghostscript-CVE-2009-0792.patch (adds checks for all 'floor' occurences)
none
Updated Argyllcms CVE-2009-0792 (all changes in one file) patch none

Description Jan Lieskovsky 2009-03-24 09:21:42 EDT
Multiple integer overflows and multiple insufficient upper-bounds checks on certain variable sizes were originally discovered in the Ghostscript's International Color Consortium Format Library (icclib). It was found,
the original patch, addressing this issue was incomplete.
Comment 4 Jan Lieskovsky 2009-04-08 07:55:00 EDT
Created attachment 338699 [details]
Updated ghostscript-CVE-2009-0792.patch (adds checks for all 'floor' occurences)
Comment 5 Jan Lieskovsky 2009-04-08 09:24:37 EDT
Created attachment 338705 [details]
Updated Argyllcms CVE-2009-0792 (all changes in one file) patch
Comment 6 Jon Ciesla 2009-04-08 11:00:19 EDT
argyllcms has now been built with this patch for rawhide, F-10 and F-9, and Bodhi updates for F-10 and F-9 have been created.
Comment 11 Fedora Update System 2009-04-09 12:07:02 EDT
argyllcms-1.0.3-4.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 12 Fedora Update System 2009-04-09 12:07:52 EDT
argyllcms-1.0.3-4.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 13 errata-xmlrpc 2009-04-14 13:54:05 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2009:0421 https://rhn.redhat.com/errata/RHSA-2009-0421.html
Comment 16 Fedora Update System 2009-04-15 13:11:19 EDT
ghostscript-8.63-3.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/ghostscript-8.63-3.fc9
Comment 17 Fedora Update System 2009-04-15 17:49:38 EDT
ghostscript-8.63-6.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2009-04-15 17:50:10 EDT
ghostscript-8.63-3.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 19 Jon Ciesla 2009-04-16 15:23:06 EDT
Turns out I added the patch to argyllcms but failed to apply it.  Built in rawhide, others are on their way.  My apologies for the mixup.

Rel-eng ticket filed for Freeze Exception.
https://fedorahosted.org/rel-eng/ticket/1497
Comment 20 Fedora Update System 2009-04-16 15:26:57 EDT
argyllcms-1.0.3-5.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/argyllcms-1.0.3-5.fc9
Comment 21 Fedora Update System 2009-04-16 15:27:02 EDT
argyllcms-1.0.3-5.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/argyllcms-1.0.3-5.fc10
Comment 22 Fedora Update System 2009-04-17 14:02:47 EDT
argyllcms-1.0.3-5.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 23 Fedora Update System 2009-04-17 14:06:11 EDT
argyllcms-1.0.3-5.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.