New issue
Advanced search Search tips

Issue 697394 link

Starred by 1 user
Status: Fixed
Owner:
js...@chromium.org
Closed: May 2017
Cc:
vapier@chromium.org
mbarbe...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug-Security



Sign in to add a comment

CrOS: Vulnerability reported in media-libs/libpng

Project Member Reported by vomit.go...@appspot.gserviceaccount.com, Mar 1 2017 
Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported. 

NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.

Package Name: media-libs/libpng
Package Version: [cpe:/a:libpng:libpng:1.6.25]

Advisory: CVE-2016-10087
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-10087
  CVSS severity score: 5/10.0
  Confidence: high
  Description:

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

Comment 1 by vakh@chromium.org, Mar 1 2017

Components: UI>Input
Owner: js...@chromium.org
Status: Available (was: Untriaged)
jshin@ -- setting you as the owner based on https://bugs.chromium.org/p/chromium/issues/detail?id=561978

In case you are not the right owner, please help find the right one. Thanks.

Comment 2 by vakh@chromium.org, Mar 1 2017

Cc: mbarbe...@chromium.org
+mbarbella@ in case I botched up the triage.

Comment 3 by vakh@chromium.org, Mar 1 2017

Labels: Security_Severity-Medium Security_Impact-Stable

Comment 4 by vakh@chromium.org, Mar 1 2017 

 Issue 697395  has been merged into this issue.
Project Member

Comment 5 by sheriffbot@chromium.org, Mar 2 2017

Labels: M-57
Project Member

Comment 6 by sheriffbot@chromium.org, Mar 2 2017

Labels: -Pri-2 Pri-1
Project Member

Comment 7 by sheriffbot@chromium.org, Mar 2 2017

Status: Assigned (was: Available)

Comment 8 by mbarbe...@chromium.org, Mar 4 2017

Cc: vakh@chromium.org
Labels: -Security_Severity-Medium Security_Severity-Low
Based on the CVE description I'm fairly sure this is non-security, but since I didn't take the time to investigate I'll just drop it to low for now.

Comment 9 by js...@chromium.org, Mar 7 2017

Cc: vapier@chromium.org
It looks like we have to move libpng back to chromiumos-overlay once more (due to  bug 600061  ; upsteam ebuild for 1.6.2[78] uses EAPI=6).

Comment 10 by js...@chromium.org, Mar 7 2017

Status: Started (was: Assigned)

Comment 11 by vakh@chromium.org, Mar 7 2017

Cc: -vakh@chromium.org
Project Member

Comment 12 by sheriffbot@chromium.org, Apr 20 2017

Labels: -M-57 M-58

Comment 13 by js...@chromium.org, May 4 2017 

https://chromium-review.googlesource.com/c/450853/ : Sorry I thought it had been merged. Adding to CQ again.

Comment 14 by js...@chromium.org, May 19 2017

Status: Fixed (was: Started)
Finally, it's landed after a dozen or so tries.
Project Member

Comment 15 by sheriffbot@chromium.org, May 20 2017

Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify
Project Member

Comment 16 by sheriffbot@chromium.org, Aug 26 2017

Labels: -Restrict-View-SecurityNotify allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 17 by dchan@chromium.org, Jan 22 2018

Status: Archived (was: Fixed)

Comment 18 by js...@chromium.org, Jan 23 2018

Status: Fixed (was: Archived)

Sign in to add a comment