blob: a76b8b18031406e0ab798a076f61ad8de5108515 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200604-10">
<title>zgv, xzgv: Heap overflow</title>
xzgv and zgv attempt to decode JPEG images within the CMYK/YCCK colour
space incorrectly, potentially resulting in the execution of arbitrary
<product type="ebuild">xzgv</product>
<announced>April 21, 2006</announced>
<revised>June 10, 2006: 02</revised>
<package name="media-gfx/xzgv" auto="yes" arch="*">
<unaffected range="ge">0.8-r2</unaffected>
<vulnerable range="lt">0.8-r2</vulnerable>
<package name="media-gfx/zgv" auto="yes" arch="*">
<unaffected range="ge">5.9</unaffected>
<vulnerable range="lt">5.9</vulnerable>
xzgv and zgv are picture viewing utilities with a thumbnail based file
Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate
insufficient memory when rendering images with more than 3 output
components, such as images using the YCCK or CMYK colour space. When
xzgv or zgv attempt to render the image, data from the image overruns a
heap allocated buffer.
<impact type="normal">
An attacker may be able to construct a malicious image that executes
arbitrary code with the permissions of the xzgv or zgv user when
attempting to render the image.
There is no known workaround at this time.
All xzgv users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=media-gfx/xzgv-0.8-r2&quot;</code>
All zgv users should also upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=media-gfx/zgv-5.9&quot;</code>
<uri link="">CVE-2006-1060</uri>
<uri link="">homepage plus Changelog</uri>
<metadata tag="requester" timestamp="Fri, 07 Apr 2006 14:45:12 +0000">
<metadata tag="bugReady" timestamp="Fri, 14 Apr 2006 20:39:46 +0000">
<metadata tag="submitter" timestamp="Thu, 20 Apr 2006 16:13:24 +0000">