[Bug 1144316] New: VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead - openSUSE Bugs - openSUSE Mailing Lists

newer
[Bug 1193959] New: Calligraplan...

[Bug 1144316] New: VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

older
[Bug 1193520] New: rancher-desktop...

bugzilla_noreply＠novell.com

5 Aug 2019 5 Aug '19

12:07

http://bugzilla.suse.com/show_bug.cgi?id=1144316 Bug ID: 1144316 Summary: VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: Other OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: sbrabec@suse.com Reporter: atoptsoglou@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- CVE-2019-1010301 jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file. References https://bugzilla.redhat.com/show_bug.cgi?id=1679952 https://nvd.nist.gov/vuln/detail/CVE-2019-1010301 http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010301.html -- You are receiving this mail because: You are on the CC list for the bug.

Attachments:

attachment.htm (text/html — 2.8 KB)

Reply

Sign in to reply online Use email software

Show replies by date

bugzilla_noreply＠novell.com

5 Aug 5 Aug

22:13

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

http://bugzilla.suse.com/show_bug.cgi?id=1144316 Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P4 - Low -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠novell.com

16 Jan 16 Jan

14:38

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

http://bugzilla.suse.com/show_bug.cgi?id=1144316 Alexandros Toptsoglou changed: What |Removed |Added ---------------------------------------------------------------------------- Version|Leap 15.0 |Leap 15.1 -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

12 May 12 May

13:33

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

https://bugzilla.suse.com/show_bug.cgi?id=1144316 https://bugzilla.suse.com/show_bug.cgi?id=1144316#c1 Petr Gajdos changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |pgajdos@suse.com --- Comment #1 from Petr Gajdos --- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010301 https://bugzilla.redhat.com/show_bug.cgi?id=167995 https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1838251 https://salsa.debian.org/debian/jhead/commit/bf330c777cc911b9f8509ffec745895... It is fixed in TW/jhead-3.06.0.1. -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

14:41

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

https://bugzilla.suse.com/show_bug.cgi?id=1144316 https://bugzilla.suse.com/show_bug.cgi?id=1144316#c2 --- Comment #2 from Petr Gajdos --- Fixed in 15.2 by version update to 3.06.0.1 . Let me know whether a submission in Backports is needed. -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

14:43

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

https://bugzilla.suse.com/show_bug.cgi?id=1144316 https://bugzilla.suse.com/show_bug.cgi?id=1144316#c3 Petr Gajdos changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|sbrabec@suse.com |security-team@suse.de --- Comment #3 from Petr Gajdos --- Submitted into 15.2/jhead. I believe all fixed. -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

16 May 16 May

19:18

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

https://bugzilla.suse.com/show_bug.cgi?id=1144316 https://bugzilla.suse.com/show_bug.cgi?id=1144316#c5 --- Comment #5 from Swamp Workflow Management --- openSUSE-SU-2021:0743-1: An update that fixes 9 vulnerabilities is now available. Category: security (moderate) Bug References: 1144316,1144354,1160544,1160547 CVE References: CVE-2016-3822,CVE-2018-16554,CVE-2018-17088,CVE-2018-6612,CVE-2019-1010301,CVE-2019-1010302,CVE-2020-6624,CVE-2020-6625,CVE-2021-3496 JIRA References: Sources used: openSUSE Leap 15.2 (src): jhead-3.06.0.1-lp152.7.6.1 -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

19 May 19 May

19:16

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

https://bugzilla.suse.com/show_bug.cgi?id=1144316 https://bugzilla.suse.com/show_bug.cgi?id=1144316#c6 --- Comment #6 from Swamp Workflow Management --- openSUSE-SU-2021:0752-1: An update that fixes 9 vulnerabilities is now available. Category: security (moderate) Bug References: 1144316,1144354,1160544,1160547 CVE References: CVE-2016-3822,CVE-2018-16554,CVE-2018-17088,CVE-2018-6612,CVE-2019-1010301,CVE-2019-1010302,CVE-2020-6624,CVE-2020-6625,CVE-2021-3496 JIRA References: Sources used: openSUSE Backports SLE-15-SP2 (src): jhead-3.06.0.1-bp152.4.6.1 -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

22 Dec 22 Dec

13:28

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

https://bugzilla.suse.com/show_bug.cgi?id=1144316 https://bugzilla.suse.com/show_bug.cgi?id=1144316#c7 Kristyna Streitova changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |kstreitova@suse.com Resolution|--- |FIXED --- Comment #7 from Kristyna Streitova --- Backports received the update from Leap 15.2. All is fixed so closing. -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

bugzilla_noreply＠suse.com

13:29

New subject: [Bug 1144316] VUL-1: CVE-2019-1010301: jhead: Stack buffer overflow in gpsinfo.c when running jhead

https://bugzilla.suse.com/show_bug.cgi?id=1144316 https://bugzilla.suse.com/show_bug.cgi?id=1144316#c8 Kristyna Streitova changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED |--- --- Comment #8 from Kristyna Streitova --- Reassigning to the security team -- You are receiving this mail because: You are on the CC list for the bug.

Reply

Sign in to reply online Use email software

862

Age (days ago)

1732

Last active (days ago)

Download

9 comments

2 participants

tags

participants (2)

bugzilla_noreply＠novell.com
bugzilla_noreply＠suse.com