openSUSE Security Update : feh (openSUSE-2017-531)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for feh on Leap 42.1 fixes this security issue :

- CVE-2017-7875: In wallpaper.c in feh if a malicious
client pretended to be the E17 window manager, it was
possible to trigger an out-of-boundary heap write while
receiving an IPC message. An integer overflow leads to a
buffer overflow and/or a double free (bsc#1034567).

This update for feh on Leap 42.2 to version 2.18.3 fixes several
issues.

This security issue was fixed on Leap 42.2 :

- CVE-2017-7875: In wallpaper.c in feh if a malicious
client pretended to be the E17 window manager, it was
possible to trigger an out-of-boundary heap write while
receiving an IPC message. An integer overflow leads to a
buffer overflow and/or a double free (bsc#1034567).

These non-security issues were fixed on Leap 42.2 :

- boo#955576: added jpegexiforient

- Fixed image-specific format specifiers not being updated
correctly in thumbnail mode window titles

- Fixed memory leak when closing images opened from
thumbnail mode

- Fixed a possible out of bounds read caused by an
unterminated string when using --output to save images
in long paths

- Fixed out of bounds read/write when handling empty or
broken caption files.

- Fixed memory leak when saving a filelist or image whose
target filename already exists.

- Fixed image-specific format specifiers not being updated
correctly

- New key binding: ! - zoom_fill (zoom to fill window, may
cut off image parts)

- Disable EXIF-based auto rotation by default

- Added --auto-rotate option to enable auto rotation

- Added feh-makefile_app.patch -- fix install location of
icons

- Install feh icon (both 48x48 and scalable SVG) to
/usr/share/icons when running 'make install app=1'

- Fixed --sort not being respected after the first reload
when used in conjunction with --reload

- All key actions can now also be bound to a button by
specifying them in .config/feh/buttons. However, note
that button actions can not be bound to keys.

- Rename 'menu' key action to 'toggle_menu', 'prev' to
'prev_img' and 'next' to 'next_img'. The old names are
still supported, but no longer documented.

- feh now also sets the X11 _NET_WM_PID and
WM_CLIENT_MACHINE window properties

- Fixed compilation on systems where HOST_NAME_MAX is not
defined

- Also support in-place editing for images loaded via
libcurl or imagemagick. Results will not be written back
to disk in this case.

- Fixed crash when trying to rotate a JPEG image without
having jpegtran / jpegexiforient installed

- Handle failing fork() calls gracefully

- Fixed invalid key/button definitions mis-assigning
keys/buttons to other actions

- Added sort mode --sort dirname to sort images by
directory instead of by name.

- Added navigation keys next_dir (]) and prev_dir ([) to
jump to the first image of the next/previous directory

- Fixed toggle_filenames key displaying wrong file numbers
in multiwindow mode

- Rescale image when resizing a window and --scale-down or
--geometry is active.

- Fixed --keep-zoom-vp not keeping the viewport x/y
offsets

- Fixed w (size_to_image) key not updating window size
when --scale-down or --geometry is active

- Added --insecure option to disable HTTPS certificate
checks

- Added --no-recursive option to disable recursive
directory expansion.

- Improve --scale-down in tiling environments.

- --action and --action[1..9] now support action titles

- -f / --filelist: Do not print useless error message when
a correct filelist file is specified

- -f / --filelist: Fix bug in '-' / '/dev/stdin' handling
affecting feh running in ksh and possibly other
environments

- Add --xinerama-index option for background setting

- When removing the last image in slideshow mode, stay on
the last (previously second-to-last) image

- Allow --sort and --randomize to override each other
(most recently specified option wins) instead of always
preferring --sort

- Thumbnail mode: Mark image as processed when executing
an action (--action) by clicking on an image

- It is now possible to override feh's idea of the active
xinerama screen using the --xinerama-index option

- Removed the (undocumented) feature that allowed feh's idea
of the active xinerama screen to be overridden by setting
the XINERAMA_SCREEN environment variable

- Removed obsolete gpg macro

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1034567
https://bugzilla.opensuse.org/show_bug.cgi?id=955576

Solution :

Update the affected feh packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 99926

CVE ID: CVE-2017-7875
