Bug 528732 - (CVE-2009-3296) CVE-2009-3296 ocaml-camlimages: TIFF reader multiple integer overflows
CVE-2009-3296 ocaml-camlimages: TIFF reader multiple integer overflows
Status: CLOSED RAWHIDE
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,source=vendorsec,publ...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-10-13 10:09 EDT by Jan Lieskovsky
Modified: 2016-03-04 07:02 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-10-16 06:02:28 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2009-10-13 10:09:25 EDT
CamlImages, an open source image processing library, suffers from several
integer overflows which may lead to a potentially exploitable heap
overflow and result in arbitrary code execution.

The vulnerability is triggered by TIFF image parsing. Specific TIFF
images with large width and height can be crafted to trigger the
vulnerability.
Comment 2 Richard W.M. Jones 2009-10-16 05:37:47 EDT
I had to rebase the patch against latest upstream (3.0.1).

Also the patch in comment 1 is itself somehow malformed.  In
any case, I applied it by hand against the new codebase.

Built in dist-f13:

http://koji.fedoraproject.org/koji/taskinfo?taskID=1749533
Comment 3 Richard W.M. Jones 2009-10-16 05:55:08 EDT
Build for F10, F11 and F12.

I can't link back to this bug in the updates, apparently
because this bug is private?
Comment 4 Richard W.M. Jones 2009-10-16 06:02:28 EDT
I've updated CVS for EL-4 and EL-5.  However this package
was never actually built or released in those two branches,
and doesn't build because there are significant missing
dependencies.

Closing this one now ...
Comment 6 Fedora Update System 2009-11-10 12:43:52 EST
ocaml-camlimages-3.0.1-7.fc11.3 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2009-11-10 12:48:03 EST
ocaml-camlimages-3.0.1-3.fc10.3 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.