Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
aports
aports
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 649
    • Issues 649
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 181
    • Merge Requests 181
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • alpine
  • aportsaports
  • Issues
  • #8351

Closed
Open
Opened Dec 26, 2017 by Alicha CH@alichaReporter
  • Report abuse
  • New issue
Report abuse New issue

[3.7) gimp: Multiple vulnerabilities (CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789)

CVE-2017-17784: In GIMP 2.8.22, there is a heap-based buffer over-read in load_image
in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.

References:

http://openwall.com/lists/oss-security/2017/12/20/1
https://nvd.nist.gov/vuln/detail/CVE-2017-17784

Patch:

https://git.gnome.org/browse/gimp/commit/?id=c57f9dcf1934a9ab0cd67650f2dea18cb0902270

CVE-2017-17785: In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

References:

http://openwall.com/lists/oss-security/2017/12/20/1
https://nvd.nist.gov/vuln/detail/CVE-2017-17785

Patch:

https://git.gnome.org/browse/gimp/commit/?id=1882bac996a20ab5c15c42b0c5e8f49033a1af54

CVE-2017-17786: In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c
(related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.

References:

http://openwall.com/lists/oss-security/2017/12/20/1
https://nvd.nist.gov/vuln/detail/CVE-2017-17786

Patches:

https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=ef9c821fff8b637a2178eab1c78cae6764c50e12
https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=22e2571c25425f225abdb11a566cc281fca6f366

CVE-2017-17787: In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.

References:

http://openwall.com/lists/oss-security/2017/12/20/1
https://nvd.nist.gov/vuln/detail/CVE-2017-17787

Patch:

https://git.gnome.org/browse/gimp/commit/?id=87ba505fff85989af795f4ab6a047713f4d9381d

CVE-2017-17788: In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream
in app/xcf/xcf.c when there is no ‘\0’ character after the version string.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-17788
http://openwall.com/lists/oss-security/2017/12/20/1

Patch:

https://git.gnome.org/browse/gimp/commit/?id=702c4227e8b6169f781e4bb5ae4b5733f51ab126

CVE-2017-17789: In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-17789
http://openwall.com/lists/oss-security/2017/12/20/1

Patch:

https://git.gnome.org/browse/gimp/commit/?id=01898f10f87a094665a7fdcf7153990f4e511d3f

(from redmine: issue id 8351, created on 2017-12-26, closed on 2017-12-28)

  • Relations:
    • parent #8349 (closed)
  • Changesets:
    • Revision 743b8267 on 2017-12-28T08:38:51Z:
community/gimp: security fixes

CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17789

Fixes #8351

CVE-2017-17788 applies only to >= v2.9.6
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
3.7.1
Milestone
3.7.1 (Past due)
Assign milestone
Time tracking
None
Due date
None
3
Labels
Normal tag:security type:bug
Assign labels
  • View project labels
Reference: alpine/aports#8351