Bug 1016575 - (CVE-2014-9915) VUL-0: CVE-2014-9915: imagemagick: Off-by-one count when parsing an 8BIM profile
Status: RESOLVED INVALID
Duplicates: 1017306
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Importance: P3 - Medium : Normal
Assigned To: Petr Gajdos
QA Contact: Security Team bot
CVSSv2:SUSE:CVE-2014-9915:5.8:(AV:N/...
Reported: 2016-12-20 19:51 UTC by Mikhail Kasimov
Modified: 2017-06-08 11:04 UTC

Description Mikhail Kasimov 2016-12-20 19:51:25 UTC
Ref: http://seclists.org/oss-sec/2016/q4/713
==============================================

Debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug-767240
Reference URL: https://security-tracker.debian.org/767240
Upstream commit: N/A
Upstream issue: N/A
Upstream version fixed: 6.8.9-9

I could not find which exact commit patched this specific
vulnerability. All other issues reported here have patches
attached. Sorry for the inconvenience.
==============================================
Comment 1 Swamp Workflow Management 2016-12-20 23:01:03 UTC
bugbot adjusting priority
Comment 2 Matthias Gerstner 2016-12-21 13:13:33 UTC
The Debian bug link above has a typo in it and is thus broken. This seems to
be the right one:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767240
Comment 3 Matthias Gerstner 2016-12-21 14:19:31 UTC
There's little to be found about this off-by-one count in 8BIM profile
reading.

The corresponding bugfix might have been this one, but I'm not completely sure:

http://git.imagemagick.org/repos/ImageMagick/commit/ff46116fa0fd9d36596db364702c71564f0b14a5

The bug is over two years old and was fixed in version 6.8.9-9 according to
the ChangeLog.

I still have to check our codestreams whether they're affected.
Comment 4 Matthias Gerstner 2016-12-21 14:37:55 UTC
As far as I see it, the related function Sync8BimProfile() does not yet exist
in any of the SLE codestreams. In openSUSE the fixed version is already in
place.
Comment 5 Johannes Segitz 2016-12-28 11:19:51 UTC
*** Bug 1017306 has been marked as a duplicate of this bug. ***
Comment 6 Petr Gajdos 2017-01-23 13:43:52 UTC
(In reply to Matthias Gerstner from comment #4)
> As far as I see it, the related function Sync8BimProfile() does not yet exist
> in any of the SLE codestreams. In openSUSE the fixed version is already in
> place.

I tend to agree.

And, in any case, 'there is a security bug somewhere in ImageMagick' is not a valid bug report.