Bug 15435

Summary: icu new security issues CVE-2014-6585 and CVE-2014-6591
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: olchal, rverschelde, sysadmin-bugs
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard: MGA4-32-OK MGA4-64-OK advisory
Source RPM: icu-53.1-10.mga5.src.rpm CVE:
Status comment:

Description David Walser 2015-03-05 20:48:44 CET 
Ubuntu has issued an advisory today (March 5):
http://www.ubuntu.com/usn/usn-2522-1/

We're not affected by the 2013 CVEs, and we fixed the other 2014 ones in Bug 15145.

Patch for CVE-2014-6585 and CVE-2014-6591 checked into Mageia 4 and Cauldron SVN.

Reproducible: 

Steps to Reproduce:
David Walser 2015-03-05 20:50:33 CET

Whiteboard: (none) => MGA5TOO, MGA4TOO

Comment 1 David Walser 2015-03-05 21:42:47 CET 
Patched packages uploaded for Mageia 4 and Cauldron.

Advisory:
========================

Updated icu packages fix security vulnerabilities:

It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program (CVE-2014-6585,
CVE-2014-6591).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
http://www.ubuntu.com/usn/usn-2522-1/
========================

Updated packages in core/updates_testing:
========================
icu-52.1-2.2.mga4
icu-data-52.1-2.2.mga4
icu-doc-52.1-2.2.mga4
libicu52-52.1-2.2.mga4
libicu-devel-52.1-2.2.mga4

from icu-52.1-2.2.mga4.src.rpm

Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => (none)

Comment 2 David Walser 2015-03-06 19:57:32 CET 
Just like last time I tested inserting special unicode characters into a LibreOffice Writer document.  No issues noted.  Tested Mageia 4 i586.
Comment 3 David Walser 2015-03-07 20:42:11 CET 
No PoC's that I can find.  Marking OK for Mageia 4 i586.

Whiteboard: (none) => MGA4-32-OK

Comment 4 olivier charles 2015-03-09 22:13:41 CET 
Testing on Mageia4x64 real hardware

Using procedure found in previous testing : 
https://bugs.mageia.org/show_bug.cgi?id=15145#c8

From current packages :
---------------------
icu-52.1-2.1.mga4
icu-data-52.1-2.1.mga4
icu-doc-52.1-2.1.mga4
lib64icu52-52.1-2.1.mga4

$ oowriter --strace

Inserted special unicode characters

in strace.log, could find :
8832  21:56:10.841741 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 3
(...)
8837  21:56:11.026130 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 4

To updated testing packages :
---------------------------
icu-52.1-2.2.mga4
icu-data-52.1-2.2.mga4
icu-doc-52.1-2.2.mga4
lib64icu52-52.1-2.2.mga4

26291 22:05:30.833504 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 3
(...)
26295 22:05:31.021346 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 4


No regression found.

CC: (none) => olchal
Whiteboard: MGA4-32-OK => MGA4-32-OK MGA4-64-OK

Comment 5 RĂ©mi Verschelde 2015-03-10 10:12:23 CET 
Advisory uploaded, validating. Please push to 4 core/updates.

Keywords: (none) => validated_update
Whiteboard: MGA4-32-OK MGA4-64-OK => MGA4-32-OK MGA4-64-OK advisory
CC: (none) => remi, sysadmin-bugs

Comment 6 Mageia Robot 2015-03-10 17:49:04 CET 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0102.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED