| Summary: | mutt new security issue CVE-2014-9116 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | jquelin, olchal, sysadmin-bugs, thkala |
| Version: | 4 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/623865/ | ||
| Whiteboard: | has_procedure advisory MGA4-32-OK MGA4-64-OK | ||
| Source RPM: | mutt-1.5.21-12.1.mga4.src.rpm | CVE: | |
| Status comment: | |||
| Attachments: | Mageia SVN diff for update to 1.5.23 | ||
|
Description
David Walser
2014-12-01 23:02:59 CET
PoC is here on the upstream bug (hit enter once mutt starts): http://dev.mutt.org/trac/ticket/3716 Unfortunately even with the update it still segfaults for me. Maybe we need to update to 1.5.21 and use the patch from Debian sid? Jerome, perhaps you could have a look at this? CC:
(none) =>
qa-bugs Created attachment 5676 [details]
Mageia SVN diff for update to 1.5.23
This is an update of Mutt to 1.5.23. Several patches have been rediffed and the latest patch for Mutt ticket #3716 has been applied.
On my own system (Cauldron/x86_64) Mutt no longer crashes with the Debian crasher.mbox PoC.CC:
(none) =>
thkala Theodoros, thank you so much for this, it was very helpful! I have committed everything in SVN for Mageia 4 and Cauldron, and requested a freeze push for Cauldron. I have confirmed that it works and fixes the new CVE with a local Mageia 4 build. I will push the update to the build system once the Cauldron update is pushed. Updated packages uploaded for Mageia 4 and Cauldron. Advisory: ======================== Updated mutt packages fix security vulnerability: A flaw was discovered in mutt. A specially crafted mail header could cause mutt to crash, leading to a denial of service condition (CVE-2014-9116). The mutt package has been updated to version 1.5.23 and patched to fix this issue. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116 https://www.debian.org/security/2014/dsa-3083 ======================== Updated packages in core/updates_testing: ======================== mutt-1.5.23-1.mga4 mutt-utf8-1.5.23-1.mga4 mutt-doc-1.5.23-1.mga4 from mutt-1.5.23-1.mga4.src.rpm CC:
qa-bugs =>
jquelin Fix verified with the update from the build system, Mageia 4 i586. Whiteboard:
has_procedure =>
has_procedure MGA4-32-OK Testing on Mageia4x64 real hardware From current packages : --------------------- - mutt-1.5.21-12.1.mga4.x86_64 - mutt-doc-1.5.21-12.1.mga4.x86_64 - mutt-utf8-1.5.21-12.1.mga4.x86_64 Using PoC, Downloaded testfile (crasher.mbox) $ mutt -R -f crasher.mbox -e 'set weed=no' produced a segmentation fault. To updated testing packages : --------------------------- - mutt-1.5.23-1.mga4.x86_64 - mutt-doc-1.5.23-1.mga4.x86_64 - mutt-utf8-1.5.23-1.mga4.x86_64 $ mutt -R -f crasher.mbox -e 'set weed=no' No segmentation fault Configured mutt (with .muttrc file) : could retrieve mails from my gmail account, read, delete... OK then CC:
(none) =>
olchal Validating. Advisory uploaded. Please push to updates Thanks Keywords:
(none) =>
validated_update An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2014-0509.html Status:
NEW =>
RESOLVED |