Security update for feh SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1139-1 Final 1 1 2017-05-01T16:20:00Z current 2017-05-01T16:20:00Z 2017-05-01T16:20:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for feh This update for feh on Leap 42.1 fixes this security issue: - CVE-2017-7875: In wallpaper.c in feh if a malicious client pretended to be the E17 window manager, it was possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free (bsc#1034567). This update for feh on Leap 42.2 to version 2.18.3 fixes several issues. This security issue was fixed on Leap 42.2: - CVE-2017-7875: In wallpaper.c in feh if a malicious client pretended to be the E17 window manager, it was possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free (bsc#1034567). These non-security issue was fixed on Leap 42.2: - boo#955576: added jpegexiforient - Fixed image-specific format specifiers not being updated correctly in thumbnail mode window titles - Fixed memory leak when closing images opened from thumbnail mode - Fixed a possible out of bounds read caused by an unterminated string when using --output to save images in long paths - Fixed out of bounds read/write when handling empty or broken caption files. - Fixed memory leak when saving a filelist or image whose target filename already exists. - Fixed image-specific format specifiers not being updated correctly - New key binding: ! - zoom_fill (zoom to fill window, may cut off image parts - Disable EXIF-based auto rotation by default - Added --auto-rotate option to enable auto rotation - Added feh-makefile_app.patch -- fix install location of icons - Install feh icon (both 48x48 and scalable SVG) to /usr/share/icons when running 'make install app=1' - Fixed --sort not being respected after the first reload when used in conjunction with --reload - All key actions can now also be bound to a button by specifying them in .config/feh/buttons. However, note that button actions can not be bound to keys. - Rename 'menu' key action to 'toggle_menu', 'prev' to 'prev_img' and 'next' to 'next_img'. The old names are still supported, but no longer documented. - feh now also sets the X11 _NET_WM_PID and WM_CLIENT_MACHINE window properties - Fixed compilation on systems where HOST_NAME_MAX is not defined - Also support in-place editing for images loaded via libcurl or imagemagick. Results will not be written back to disk in this case. - Fixed crash when trying to rotate a JPEG image without having jpegtran / jpegexiforient installed - Handle failing fork() calls gracefully - Fixed invalid key/button definitions mis-assigning keys/buttons to other actions - Added sort mode --sort dirname to sort images by directory instead of by name. - Added navigation keys next_dir (]) and prev_dir ([) to jump to the first image of the nex/previous directory - Fixed toggle_filenames key displaying wrong file numbers in multiwindow mode - Rescale image when resizing a window and --scale-down or --geometry is active. - Fixed --keep-zoom-vp not keeping the viewport x/y offsets - Fixed w (size_to_image) key not updating window size when --scale-down or --geometry is active - Added --insecure option to disable HTTPS certificate checks - Added --no-recursive option to disable recursive directory expansion. - Improve --scale-down in tiling environments. - --action and --action[1..9] now support action titles - -f / --filelist: Do not print useless error message when a correct filelist file is specified - -f / --filelist: Fix bug in '-' / '/dev/stdin' handling affecting feh running in ksh and possibly other environments - Add --xinerama-index option for background setting - When removing the last image in slidsehow mode, stay on the last (previously second-to-last) image - Allow --sort and --randomize to override each other (most recently specified option wins) instead of always preferring --sort - Thumbnail mode: Mark image as processed when executing an action (--action) by clicking on an image - It is now possible to override feh's idea of the active xinerama screen using the --xinerama-index option - Removed (undocumented) feature allowing to override feh's idea of the active xinerama screen by setting the XINERAMA_SCREEN environment variable - Removed obsolete gpg macro The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-05/msg00000.html E-Mail link for openSUSE-SU-2017:1139-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 openSUSE Leap 42.2 feh-2.18.3-6.3.1 feh-2.18.3-6.3.1 as a component of openSUSE Leap 42.1 feh-2.18.3-6.3.1 as a component of openSUSE Leap 42.2 In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free. CVE-2017-7875 openSUSE Leap 42.1:feh-2.18.3-6.3.1 openSUSE Leap 42.2:feh-2.18.3-6.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-05/msg00000.html https://www.suse.com/security/cve/CVE-2017-7875.html CVE-2017-7875 https://bugzilla.suse.com/1034567 SUSE Bug 1034567