Package: povray Severity: important Tags: security I have been working on a tool called Clonewise to automatically identify embedded code copies in Debian packages and determine if they are out of date and vulnerable. Ideally, embedding code and libraries should be avoided and a system wide library should be used instead.
I recently ran the tool on Debian 6 stable. The results are here at http://www.foocodechu.com/downloads/Clonewise-report.txt* *The povray package reported potential issues appended to this message. The analysis tries to justify why it believes a library or code is embedded in the package and if the relationship is not already being tracked by Debian in the embedded-code-copies database it shows the files that are shared between the two pieces of software. Apologies if these are false positives. Your help in advising me on whether these issues are real will help me improve the analysis for the future. -- Silvio Cesare Deakin University ### Summary: ### tiff CLONED_IN_SOURCE povray <unfixed> CVE-2010-2597 tiff CLONED_IN_SOURCE povray <unfixed> CVE-2011-1167 ### Reports by package: ### # Package povray may be vulnerable to the following issues: # CVE-2010-2597 CVE-2011-1167 # SUMMARY: The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler optimization that triggers a divide-by-zero error. # # CVE-2010-2597 relates to a vulnerability in package tiff. # The following source filenames are likely responsible: # tifstrip.c # # The following package clones are NOT tracked in the embedded-code-copies # database. # tiff CLONED_IN_SOURCE povray <unfixed> CVE-2010-2597 MATCH addtiffo.c/addtiffo.c (8.200837) MATCH faxps.c/faxps.c (8.200837) MATCH faxtiff.c/faxtiff.c (8.200837) MATCH getopt.c/getopt.c (3.471681) MATCH giftiff.c/giftiff.c (8.200837) MATCH iptcutil.c/iptcutil.c (8.200837) MATCH listtif.c/listtif.c (8.200837) MATCH macmain.c/macmain.c (7.171218) MATCH mactrans.c/mactrans.c (8.200837) MATCH maketif.c/maketif.c (8.200837) MATCH mfsfile.c/mfsfile.c (8.200837) MATCH mkgmain.c/mkgmain.c (8.200837) MATCH mkgstates.c/mkgstates.c (7.102225) MATCH palrgb.c/palrgb.c (8.200837) MATCH ppmtiff.c/ppmtiff.c (8.200837) MATCH rastif.c/rastif.c (8.200837) MATCH rawtiff.c/rastiff.c (8.200837) MATCH rgbycbcr.c/rgbycbcr.c (8.200837) MATCH sgisv.c/sgisv.c (8.200837) MATCH sgitiff.c/sgitiff.c (8.200837) MATCH strcasecmp.c/strcasecmp.c (4.890294) MATCH strtoul.c/strtoul.c (5.332938) MATCH thumbnail.c/thumbnail.c (6.552179) MATCH tifacorn.c/tifacorn.c (7.325368) MATCH tifapple.c/tifapple.c (7.245326) MATCH tifatari.c/tifatari.c (7.325368) MATCH tifaux.c/tifaux.c (6.865836) MATCH tifclose.c/tifclose.c (6.865836) MATCH tifcodec.c/tifcodec.c (6.977062) MATCH tifcolor.c/tifcolor.c (7.102225) MATCH tifcompress.c/tifcompress.c (6.865836) MATCH tifdir.c/tifdir.c (6.865836) MATCH tifdirinfo.c/tifdirinfo.c (6.865836) MATCH tifdirread.c/tifdirread.c (6.865836) MATCH tifdirwrite.c/tifdirwrite.c (6.865836) MATCH tifdumpmode.c/tifdumpmode.c (6.865836) MATCH tiferror.c/tiferror.c (6.865836) MATCH tifextension.c/tifextension.c (7.102225) MATCH tiffax.c/tiffax.c (6.865836) MATCH tiffbi.c/tiffbi.c (8.200837) MATCH tiffcmp.c/tiffcmp.c (8.200837) MATCH tiffdib.c/tiffdib.c (8.200837) MATCH tiffdither.c/tiffdither.c (8.200837) MATCH tiffdump.c/tiffdump.c (8.200837) MATCH tiffgrayscale.c/tiffgrayscale.c (8.200837) MATCH tiffgt.c/tiffgt.c (8.200837) MATCH tiffile.c/tiffile.c (8.200837) MATCH tiffinfo.c/tiffinfo.c (8.200837) MATCH tifflush.c/tifflush.c (6.865836) MATCH tiffmedian.c/tiffmedian.c (8.200837) MATCH tiffpalette.c/tiffpalette.c (8.200837) MATCH tiffpdf.c/tiffpdf.c (7.864365) MATCH tiffps.c/tiffps.c (8.018516) MATCH tiffrgb.c/tiffrgb.c (8.200837) MATCH tiffset.c/tiffset.c (8.200837) MATCH tiffsplit.c/tiffsplit.c (8.200837) MATCH tifgetimage.c/tifgetimage.c (6.865836) MATCH tifimageiter.c/tifimageiter.c (8.200837) MATCH tifjpeg.c/tifjpeg.c (6.865836) MATCH tifluv.c/tifluv.c (6.977062) MATCH tiflzw.c/tiflzw.c (6.865836) MATCH tifmsdos.c/tifmsdos.c (7.325368) MATCH tifnext.c/tifnext.c (6.865836) MATCH tifopen.c/tifopen.c (6.865836) MATCH tifoverview.c/tifoverview.c (8.200837) MATCH tifovrcache.c/tifovrcache.c (8.200837) MATCH tifpackbits.c/tifpackbits.c (6.865836) MATCH tifpdsdirread.c/tifpdsdirread.c (8.200837) MATCH tifpdsdirwrite.c/tifpdsdirwrite.c (8.200837) MATCH tifpixarlog.c/tifpixarlog.c (6.977062) MATCH tifpredict.c/tifpredict.c (6.977062) MATCH tifprint.c/tifprint.c (6.865836) MATCH tifras.c/tifras.c (8.200837) MATCH tifread.c/tifread.c (6.865836) MATCH tifstrip.c/tifstrip.c (6.865836) MATCH tifswab.c/tifswab.c (6.814543) MATCH tifthunder.c/tifthunder.c (6.865836) MATCH tifunix.c/tifunix.c (7.102225) MATCH tifversion.c/tifversion.c (6.865836) MATCH tifwarning.c/tifwarning.c (6.865836) MATCH tifwin.c/tifwin.c (7.102225) MATCH tifwrite.c/tifwrite.c (6.865836) MATCH tifzip.c/tifzip.c (6.977062) MATCH xtiff.c/xtiff.c (7.507690) MATCH ycbcr.c/ycbcr.c (8.018516) # SUMMARY: Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. # # CVE-2011-1167 relates to a vulnerability in package tiff. # The following source filenames are likely responsible: # tifthunder.c # # The following package clones are NOT tracked in the embedded-code-copies # database. # tiff CLONED_IN_SOURCE povray <unfixed> CVE-2011-1167 MATCH addtiffo.c/addtiffo.c (8.200837) MATCH faxps.c/faxps.c (8.200837) MATCH faxtiff.c/faxtiff.c (8.200837) MATCH getopt.c/getopt.c (3.471681) MATCH giftiff.c/giftiff.c (8.200837) MATCH iptcutil.c/iptcutil.c (8.200837) MATCH listtif.c/listtif.c (8.200837) MATCH macmain.c/macmain.c (7.171218) MATCH mactrans.c/mactrans.c (8.200837) MATCH maketif.c/maketif.c (8.200837) MATCH mfsfile.c/mfsfile.c (8.200837) MATCH mkgmain.c/mkgmain.c (8.200837) MATCH mkgstates.c/mkgstates.c (7.102225) MATCH palrgb.c/palrgb.c (8.200837) MATCH ppmtiff.c/ppmtiff.c (8.200837) MATCH rastif.c/rastif.c (8.200837) MATCH rawtiff.c/rastiff.c (8.200837) MATCH rgbycbcr.c/rgbycbcr.c (8.200837) MATCH sgisv.c/sgisv.c (8.200837) MATCH sgitiff.c/sgitiff.c (8.200837) MATCH strcasecmp.c/strcasecmp.c (4.890294) MATCH strtoul.c/strtoul.c (5.332938) MATCH thumbnail.c/thumbnail.c (6.552179) MATCH tifacorn.c/tifacorn.c (7.325368) MATCH tifapple.c/tifapple.c (7.245326) MATCH tifatari.c/tifatari.c (7.325368) MATCH tifaux.c/tifaux.c (6.865836) MATCH tifclose.c/tifclose.c (6.865836) MATCH tifcodec.c/tifcodec.c (6.977062) MATCH tifcolor.c/tifcolor.c (7.102225) MATCH tifcompress.c/tifcompress.c (6.865836) MATCH tifdir.c/tifdir.c (6.865836) MATCH tifdirinfo.c/tifdirinfo.c (6.865836) MATCH tifdirread.c/tifdirread.c (6.865836) MATCH tifdirwrite.c/tifdirwrite.c (6.865836) MATCH tifdumpmode.c/tifdumpmode.c (6.865836) MATCH tiferror.c/tiferror.c (6.865836) MATCH tifextension.c/tifextension.c (7.102225) MATCH tiffax.c/tiffax.c (6.865836) MATCH tiffbi.c/tiffbi.c (8.200837) MATCH tiffcmp.c/tiffcmp.c (8.200837) MATCH tiffdib.c/tiffdib.c (8.200837) MATCH tiffdither.c/tiffdither.c (8.200837) MATCH tiffdump.c/tiffdump.c (8.200837) MATCH tiffgrayscale.c/tiffgrayscale.c (8.200837) MATCH tiffgt.c/tiffgt.c (8.200837) MATCH tiffile.c/tiffile.c (8.200837) MATCH tiffinfo.c/tiffinfo.c (8.200837) MATCH tifflush.c/tifflush.c (6.865836) MATCH tiffmedian.c/tiffmedian.c (8.200837) MATCH tiffpalette.c/tiffpalette.c (8.200837) MATCH tiffpdf.c/tiffpdf.c (7.864365) MATCH tiffps.c/tiffps.c (8.018516) MATCH tiffrgb.c/tiffrgb.c (8.200837) MATCH tiffset.c/tiffset.c (8.200837) MATCH tiffsplit.c/tiffsplit.c (8.200837) MATCH tifgetimage.c/tifgetimage.c (6.865836) MATCH tifimageiter.c/tifimageiter.c (8.200837) MATCH tifjpeg.c/tifjpeg.c (6.865836) MATCH tifluv.c/tifluv.c (6.977062) MATCH tiflzw.c/tiflzw.c (6.865836) MATCH tifmsdos.c/tifmsdos.c (7.325368) MATCH tifnext.c/tifnext.c (6.865836) MATCH tifopen.c/tifopen.c (6.865836) MATCH tifoverview.c/tifoverview.c (8.200837) MATCH tifovrcache.c/tifovrcache.c (8.200837) MATCH tifpackbits.c/tifpackbits.c (6.865836) MATCH tifpdsdirread.c/tifpdsdirread.c (8.200837) MATCH tifpdsdirwrite.c/tifpdsdirwrite.c (8.200837) MATCH tifpixarlog.c/tifpixarlog.c (6.977062) MATCH tifpredict.c/tifpredict.c (6.977062) MATCH tifprint.c/tifprint.c (6.865836) MATCH tifras.c/tifras.c (8.200837) MATCH tifread.c/tifread.c (6.865836) MATCH tifstrip.c/tifstrip.c (6.865836) MATCH tifswab.c/tifswab.c (6.814543) MATCH tifthunder.c/tifthunder.c (6.865836) MATCH tifunix.c/tifunix.c (7.102225) MATCH tifversion.c/tifversion.c (6.865836) MATCH tifwarning.c/tifwarning.c (6.865836) MATCH tifwin.c/tifwin.c (7.102225) MATCH tifwrite.c/tifwrite.c (6.865836) MATCH tifzip.c/tifzip.c (6.977062) MATCH xtiff.c/xtiff.c (7.507690) MATCH ycbcr.c/ycbcr.c (8.018516)
