Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <3051527.WuieGNAktk@wanheda>
Date: Tue, 29 Aug 2017 15:49:46 +0200
From: Agostino Sarubbo <ago@...too.org>
To: oss-security@...ts.openwall.com
Subject: Re: A bunch of duplicate CVEs requested for?? bho..

Another recent example by owl337:
https://nvd.nist.gov/vuln/detail/CVE-2017-13737 which points to:
https://bugzilla.redhat.com/show_bug.cgi?id=1484196
There is an invalid free in the MagickFree function in magick/memory.c in 
GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.


The maintainer of Graphicsmagick, Mr Bob Friesenhahn said to me:

"It looks like this problem is not a GM bug but it is already fixed in 
libtiff.  Using latest libtiff CVS sources I see this in the GM traces 
which are produced by libtiff:

08:41:48 0:01 0.000u 25164 tiff.c/unknown/2268/Coder:
   Allocating scanline buffer of 104 bytes
08:41:48 0:01 0.000u 25164 tiff.c/unknown/932/Coder:
   TIFF Warning: Discarding 89 bytes to avoid buffer overrun.
08:41:48 0:01 0.000u 25164 tiff.c/unknown/932/Coder:
   TIFF Warning: Discarding 16 bytes to avoid buffer overrun.
08:41:48 0:01 0.000u 25164 tiff.c/unknown/932/Coder:
   TIFF Warning: Discarding 1 bytes to avoid buffer overrun.
08:41:48 0:01 0.000u 25164 tiff.c/unknown/932/Coder:
   TIFF Warning: Terminating PackBitsDecode due to lack of data..
08:41:48 0:01 0.000u 25164 tiff.c/unknown/793/Coder:
   Not enough data for scanline 3. (PackBitsDecode)

I am not sure what libtiff Red Hat is using.  It may be that the 
changes are since the latest libtiff release.  I could help with that 
by making another libtiff release."

-- 
Agostino Sarubbo
Gentoo Linux Developer

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.