[Bug 1202662] New: VUL-0: CVE-2020-35511: pngcheck: Buffer overflow in pngcheck 2.4.0 via a crafted png file
https://bugzilla.suse.com/show_bug.cgi?id=1202662 Bug ID: 1202662 Summary: VUL-0: CVE-2020-35511: pngcheck: Buffer overflow in pngcheck 2.4.0 via a crafted png file Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: Other URL: https://smash.suse.de/issue/340566/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: pgajdos@suse.com Reporter: cathy.hu@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2020-35511 A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35511 https://www.cve.org/CVERecord?id=CVE-2020-35511 http://www.libpng.org/pub/png/apps/pngcheck.html -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1202662 https://bugzilla.suse.com/show_bug.cgi?id=1202662#c1 --- Comment #1 from Hu <cathy.hu@suse.com> --- Affected: - openSUSE:Backports:SLE-15-SP3/pngcheck 2.3.0 Not Affected: - openSUSE:Backports:SLE-15-SP4/pngcheck 3.0.0 - openSUSE:Factory/pngcheck 3.0.3 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1202662 Maintenance Automation <maint-coord+maintenance-robot@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1202662 https://bugzilla.suse.com/show_bug.cgi?id=1202662#c2 Petr Gajdos <pgajdos@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|pgajdos@suse.com |security-team@suse.de --- Comment #2 from Petr Gajdos <pgajdos@suse.com> --- * 20201113 BB: fixed buffer-overflow vulnerability discovered by "giantbranch * of NSFOCUS Security Team" * https://bugzilla.redhat.com/show_bug.cgi?id=1897485 * 20201128 BB: found and fixed four additional vulnerabilities (null-pointer * dereference and three buffer overruns) * 20201209 LP: fixed an off-by-one bug in check_magic() (Lucy Phipps) * 20201209 LL: converted two zlib-version warnings/errors to go to stderr * (Lemures Lemniscati, actually from 20180318; forwarded by LP) * 20201210 BB: fixed another buffer-overflow vulnerability discovered by * "giantbranch of NSFOCUS Security Team" * https://bugzilla.redhat.com/show_bug.cgi?id=1905775 * 20201212 GRR: removed -f ("force") option due to multiple security issues * 20201212 GRR: released version 3.0.0 * ---------------------- I propose to update the pngcheck in backports to 3.0.3. In B15sp4 for sure (see http://www.libpng.org/pub/png/apps/pngcheck.html) and preferably also in B15sp3, even if -f option removed in 3.0.0. Packages submitted for B15sp4,B15sp3/pngcheck. I believe all fixed. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1202662 https://bugzilla.suse.com/show_bug.cgi?id=1202662#c4 --- Comment #4 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2022:10142-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1202662 CVE References: CVE-2020-35511 JIRA References: Sources used: openSUSE Backports SLE-15-SP3 (src): pngcheck-3.0.3-bp153.3.3.1 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1202662 https://bugzilla.suse.com/show_bug.cgi?id=1202662#c5 Alexander Bergmann <abergmann@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |abergmann@suse.com Resolution|--- |FIXED --- Comment #5 from Alexander Bergmann <abergmann@suse.com> --- Fixed and released. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com