Fixed in xenial 1.14.6-1ubuntu0.1~esm1:
https://ubuntu.com/security/notices/USN-5407-1
** Changed in: cairo (Ubuntu Xenial)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cairo in Ubuntu.
https://bugs.launchpad.net/bugs/1639372
Title:
CVE-2016-9082: DOS attack in converting SVG to PNG
Status in cairo:
Unknown
Status in cairo package in Ubuntu:
Fix Released
Status in cairo source package in Precise:
Won't Fix
Status in cairo source package in Trusty:
Confirmed
Status in cairo source package in Xenial:
Fix Released
Status in cairo source package in Yakkety:
Confirmed
Status in cairo package in Debian:
Fix Released
Bug description:
I'm attaching debdiffs for trusty, xenial and yakkety. Zesty is
already fixed by syncing cairo 1.14.6-1.1 from Debian. Maybe someone
else can work on the precise update.
Proof of Concept at
http://seclists.org/oss-sec/2016/q4/44
I didn't get gdb to work, but when I tried to convert the file, I got
a crash report named /var/crash/_usr_bin_rsvg-convert.1000.crash .
After the update, no crash happened.
I reproduced the crash and verified that the new package doesn't crash
on yakkety. In xenial I wasn't able to reproduce the crash. I did not
test on trusty.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cairo/+bug/1639372/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
