Re: CVE id request for imagemagick, libpng and tiff

[Nico Golde <oss-security+ml () ngolde de>]

Hi,
* Kurt Seifried <kseifried () redhat com> [2012-04-10 04:54]:
> On 04/09/2012 08:31 PM, Nico Golde wrote:
> > We received 3 bug reports targeting imagemagick, libpng and tiff
> > crashing on input when used with electric fence indicating memory
> > errors on handling crafted input. From what I see no CVE ids have
> > been assigned to these bugs yet.
> >
> > Can someone assign ids? libpng:
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668082 (apparently
> > fixed in 1.2.48 with a removal of the buggy function)
> >
> > tiff: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668087
> >
> > imagemagick:
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668075
>
> Do any of these crashes occur without electric fence? Also I think
> Vincent Fourmond <fourmond () debian org> stated it succinctly:
>
> "On what do you base your claim that it is a user security hole ?
> While I agree that it is a bug, I fail to see how a crash at the end
> of a program's execution (cleanup time) necessarily is a user security
> hole, hence downgrading the severity. Feel free to raise it up again
> if you have arguments to back your claim."

Ack. The imagemagick bug at least seems to be a false positive create by an 
efence bug.

Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: _bin
Description: