Bug#908176: Bug#907925: jhead: Integer overflow while running jhead

2018-09-16 Thread Hanfang Zhang
Thanks a lot! Regards, Hanfang Salvatore Bonaccorso wrote on Mon, Sep 17, 2018 at 3:08 AM: > Control: retitle 907925 jhead: CVE-2018-17088: Integer overflow in > gpsinfo.c while running jhead > Control: retitle 908176 jhead: CVE-2018-16554: Buffer overflow in > gpsinfo.c while running jhead > > Hi > > On Fri,

Bug#907925: jhead: Integer overflow while running jhead

2018-09-16 Thread Salvatore Bonaccorso
Control: retitle 907925 jhead: CVE-2018-17088: Integer overflow in gpsinfo.c while running jhead Control: retitle 908176 jhead: CVE-2018-16554: Buffer overflow in gpsinfo.c while running jhead Hi On Fri, Sep 07, 2018 at 10:48:26AM +0200, Salvatore Bonaccorso wrote: > Control: retitle -1 jhead:

Bug#907925: jhead: Integer overflow while running jhead

2018-09-07 Thread Salvatore Bonaccorso
Control: retitle -1 jhead: CVE-2018-16554: Interger overflow while running jhead Hi Hanfang, On Fri, Sep 07, 2018 at 12:53:38PM +0800, Hanfang Zhang wrote: > Hi Salvatore, > > I have done that and the CVE ID is CVE-2018-16554. But the status of it is > preserved. Thanks. Perfect, thank you! Re

Bug#907925: jhead: Integer overflow while running jhead

2018-09-06 Thread Hanfang Zhang
Hi Salvatore, I have done that and the CVE ID is CVE-2018-16554. But the status of it is preserved. Thanks. Regards, Hanfang Salvatore Bonaccorso wrote on Wed, Sep 5, 2018 at 11:05 PM: > Hi Hanfang, > > On Tue, Sep 04, 2018 at 03:32:02PM +0800, Hanfang Zhang wrote: > > This bug was found by Hanfang Zhang at

Bug#907925: jhead: Integer overflow while running jhead

2018-09-05 Thread Salvatore Bonaccorso
Hi Hanfang, On Tue, Sep 04, 2018 at 03:32:02PM +0800, Hanfang Zhang wrote: > This bug was found by Hanfang Zhang at Sichuan University. Request a > CVE ID. Thanks. Can you please request a CVE via the webform at https://cveform.mitre.org/ and once the CVE is assigned loop it back here? Thanks alrea

Bug#907925: jhead: Integer overflow while running jhead

2018-09-05 Thread Ludovic Rousseau
On 05/09/2018 at 12:42, Hanfang Zhang wrote: I'm sorry, I did not run jhead with Debian patches before. I patched it just now. But I did not see the patch file for gpsinfo.c. So this vulnerability still exists in gpsinfo.c (line 104). I am not sure if I missed the patch file. The PoC is in th

Bug#907925: jhead: Integer overflow while running jhead

2018-09-05 Thread Hanfang Zhang
I'm sorry, I did not run jhead with Debian patches before. I patched it just now. But I did not see the patch file for gpsinfo.c. So this vulnerability still exists in gpsinfo.c (line 104). I am not sure if I missed the patch file. The PoC is in the attachment. Ludovic Rousseau on Wed, Sep 5, 2018 at 4:10 PM

Bug#907925: jhead: Integer overflow while running jhead

2018-09-04 Thread Hanfang Zhang
Package: jhead Version: 3.00-7 Integer overflow while running jhead. There is an integer overflow in exif.c line 530. When OffseVal=0x0014, ByteCount=0x, ExifLength=0X13e, this check will be passed. So when executing the strncpy function it will lead to a segmentation fault. It may allow a r