Common Vulnerabilities and Exposures assigned an identifier CVE-2008-5262 to the following vulnerability: Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5262 http://secunia.com/secunia_research/2008-59/ http://www.securityfocus.com/bid/33231 http://secunia.com/advisories/33470 http://sourceforge.net/tracker/index.php?func=detail&aid=2496518&group_id=4470&atid=104470 Patch: http://openil.cvs.sourceforge.net/viewvc/openil/DevIL/src-IL/src/il_hdr.c?view=log http://openil.cvs.sourceforge.net/viewvc/openil/DevIL/src-IL/src/il_hdr.c?r1=1.17&r2=1.18
This issue affects all versions of the DevIL package, as shipped with Fedora release of 9, 10 and devel. Please fix.
I've prepped and build new DevIL packages fixing this for f9 - f11: DevIL-1.7.5-1.fc# IIRC there is some magic to be done with the bodhi entries, using multiple tracker bugs (one per release), or something like that. So I'll leave creating the actual bodhi entries to the security team, the updates are build and ready to go.
DevIL-1.7.5-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/DevIL-1.7.5-1.fc10
DevIL-1.7.5-1.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/DevIL-1.7.5-1.fc9
(In reply to comment #2) > IIRC there is some magic to be done with the bodhi entries, using multiple > tracker bugs (one per release), or something like that. They are rather a bit of tracking help, rather than any strict requirement. It's more important to reference this bug in the update request. Submitted.
It was reported that the upstream patch is off-by-one: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512122#5 (this does not seem to be corrected in the upstream CVS yet)
(In reply to comment #6) > It was reported that the upstream patch is off-by-one: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512122#5 > > (this does not seem to be corrected in the upstream CVS yet) Oh, a new update fixing this is on its way.
DevIL-1.7.5-2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/DevIL-1.7.5-2.fc10
DevIL-1.7.5-2.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/DevIL-1.7.5-2.fc9
DevIL-1.7.5-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
DevIL-1.7.5-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.