Bug 1331724 – CVE-2016-4347 Rejected: CVE-2016-4347

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 1331724 - (CVE-2016-4347) CVE-2016-4347 Rejected: CVE-2016-4347

Summary:	CVE-2016-4347 Rejected: CVE-2016-4347

Status:	CLOSED DUPLICATE of bug 1268243

Aliases:	CVE-2016-4347

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=moderate,public=20160428,repor...
Keywords:	Security

Depends On:	1331727 1331728
Blocks:	1331729
	Show dependency tree / graph

Reported:	2016-04-29 07:49 EDT by Martin Prpič
Modified:	2016-06-06 11:37 EDT (History)
CC List:	6 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2016-06-03 09:04:17 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Martin Prpič 2016-04-29 07:49:22 EDT

A denial of service flaw was found in the way the librsvg2 library parsed SVG files. A specially crafted SVG file with circular definitions could cause an application using librsvg2 to crash.

This flaw is in the rsvg_cairo_pop_discrete_layer(), rsvg_cairo_pop_render_stack(), and rsvg_cairo_generate_mask() functions.

Reference (including reproducer):

http://seclists.org/oss-sec/2016/q2/161

Comment 1 Martin Prpič 2016-04-29 07:59:32 EDT

Created librsvg2 tracking bugs for this issue:

Affects: fedora-all [bug 1331727]

Comment 2 Martin Prpič 2016-04-29 07:59:38 EDT

Created mingw-librsvg2 tracking bugs for this issue:

Affects: fedora-all [bug 1331728]

Comment 3 Andrej Nemec 2016-05-11 04:46:33 EDT

Upstream fix:

https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61

Comment 6 Andrej Nemec 2016-06-06 11:37:47 EDT

This CVE was rejected by Mitre.

Common Vulnerabilities and Exposures assigned an identifier CVE-2016-4347 to
the following vulnerability:

Name: CVE-2016-4347
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4347
Assigned: 20160428

** REJECT **
DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-7558.  Reason:
This candidate is a reservation duplicate of CVE-2015-7558.  Notes:
All CVE users should reference CVE-2015-7558 instead of this
candidate.  All references and descriptions in this candidate have
been removed to prevent accidental usage.

Note You need to log in before you can comment on or make changes to this bug.