Detections
Analytics

openSUSE Security Update : feh (openSUSE-2017-531)

critical Nessus Plugin ID 99926

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for feh on Leap 42.1 fixes this security issue :

 - CVE-2017-7875: In wallpaper.c in feh if a malicious client pretended to be the E17 window manager, it was possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free (bsc#1034567).

This update for feh on Leap 42.2 to version 2.18.3 fixes several issues.

This security issue was fixed on Leap 42.2 :

 - CVE-2017-7875: In wallpaper.c in feh if a malicious client pretended to be the E17 window manager, it was possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free (bsc#1034567).

These non-security issue was fixed on Leap 42.2 :

 - boo#955576: added jpegexiforient

 - Fixed image-specific format specifiers not being updated correctly in thumbnail mode window titles

 - Fixed memory leak when closing images opened from thumbnail mode

 - Fixed a possible out of bounds read caused by an unterminated string when using --output to save images in long paths

 - Fixed out of bounds read/write when handling empty or broken caption files.

 - Fixed memory leak when saving a filelist or image whose target filename already exists.

 - Fixed image-specific format specifiers not being updated correctly

 - New key binding: ! - zoom_fill (zoom to fill window, may cut off image parts

 - Disable EXIF-based auto rotation by default

 - Added --auto-rotate option to enable auto rotation

- Added feh-makefile_app.patch -- fix install location of icons

 - Install feh icon (both 48x48 and scalable SVG) to /usr/share/icons when running 'make install app=1'

 - Fixed --sort not being respected after the first reload when used in conjunction with --reload

 - All key actions can now also be bound to a button by specifying them in .config/feh/buttons. However, note that button actions can not be bound to keys.

 - Rename 'menu' key action to 'toggle_menu', 'prev' to 'prev_img' and 'next' to 'next_img'. The old names are still supported, but no longer documented.

 - feh now also sets the X11 _NET_WM_PID and WM_CLIENT_MACHINE window properties

 - Fixed compilation on systems where HOST_NAME_MAX is not defined

 - Also support in-place editing for images loaded via libcurl or imagemagick. Results will not be written back to disk in this case.

 - Fixed crash when trying to rotate a JPEG image without having jpegtran / jpegexiforient installed

 - Handle failing fork() calls gracefully

 - Fixed invalid key/button definitions mis-assigning keys/buttons to other actions

 - Added sort mode --sort dirname to sort images by directory instead of by name.

 - Added navigation keys next_dir (]) and prev_dir ([) to jump to the first image of the nex/previous directory

- Fixed toggle_filenames key displaying wrong file numbers in multiwindow mode

 - Rescale image when resizing a window and --scale-down or
 --geometry is active.

 - Fixed --keep-zoom-vp not keeping the viewport x/y offsets

- Fixed w (size_to_image) key not updating window size when --scale-down or --geometry is active

 - Added --insecure option to disable HTTPS certificate checks

 - Added --no-recursive option to disable recursive directory expansion.

 - Improve --scale-down in tiling environments.

 - --action and --action[1..9] now support action titles

 - -f / --filelist: Do not print useless error message when a correct filelist file is specified

 - -f / --filelist: Fix bug in '-' / '/dev/stdin' handling affecting feh running in ksh and possibly other environments

 - Add --xinerama-index option for background setting

 - When removing the last image in slidsehow mode, stay on the last (previously second-to-last) image

 - Allow --sort and --randomize to override each other (most recently specified option wins) instead of always preferring --sort

 - Thumbnail mode: Mark image as processed when executing an action (--action) by clicking on an image

 - It is now possible to override feh's idea of the active xinerama screen using the --xinerama-index option

 - Removed (undocumented) feature allowing to override feh's idea of the active xinerama screen by setting the XINERAMA_SCREEN environment variable

 - Removed obsolete gpg macro

Solution

Update the affected feh packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1034567

https://bugzilla.opensuse.org/show_bug.cgi?id=955576

Plugin Details

Severity: Critical

ID: 99926

File Name: openSUSE-2017-531.nasl

Version: 3.4

Type: local

Agent: unix

Published: 5/2/2017

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:feh, p-cpe:/a:novell:opensuse:feh-debuginfo, p-cpe:/a:novell:opensuse:feh-debugsource, cpe:/o:novell:opensuse:42.1, cpe:/o:novell:opensuse:42.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 5/1/2017

Reference Information

CVE: CVE-2017-7875