Bug 15588

Summary: libtasn1 new security issue fixed upstream in 4.4 (CVE-2015-2806)
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: oe, sysadmin-bugs
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/639035/
Whiteboard: has_procedure advisory MGA4-32-OK
Source RPM: libtasn1-4.2-2.mga5.src.rpm CVE:
Status comment:

Description David Walser 2015-03-30 14:09:05 CEST 
A CVE has been requested for a security issue fixed in libtasn1 4.4:
http://openwall.com/lists/oss-security/2015/03/29/4

The upstream commit to fix the issue is linked in the message above.

Mageia 4 and Mageia 5 are affected.

I've patched the versions in Mageia 4 and Cauldron SVN locally with the upstream commit and both build fine and pass their test suite.  Waiting for the CVE before committing.

Reproducible: 

Steps to Reproduce:
David Walser 2015-03-30 14:09:11 CEST

Whiteboard: (none) => MGA5TOO, MGA4TOO

David Walser 2015-03-30 14:09:28 CEST

Blocks: (none) => 14674

Comment 1 Oden Eriksson 2015-03-31 09:13:54 CEST 
CVE-2015-2806: http://openwall.com/lists/oss-security/2015/03/31/2

CC: (none) => oe

Oden Eriksson 2015-03-31 09:14:16 CEST

Summary: libtasn1 new security issue fixed upstream in 4.4 => CVE-2015-2806: libtasn1 new security issue fixed upstream in 4.4

Comment 2 David Walser 2015-03-31 12:39:22 CEST 
Patch checked into Mageia 4 and Cauldron SVN.  Freeze push requested for Cauldron.

Summary: CVE-2015-2806: libtasn1 new security issue fixed upstream in 4.4 => libtasn1 new security issue fixed upstream in 4.4 (CVE-2015-2806)

Comment 3 David Walser 2015-03-31 16:43:07 CEST 
Patched packages uploaded for Mageia 4 and Cauldron.

Testing procedure:
https://bugs.mageia.org/show_bug.cgi?id=5128#c10

Advisory:
========================

Updated libtasn1 packages fix security vulnerability:

The libtasn1 library before version 4.4 is vulnerable to a two-byte stack
overflow in asn1_der_decoding (CVE-2015-2806).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2806
http://openwall.com/lists/oss-security/2015/03/31/2
========================

Updated packages in core/updates_testing:
========================
libtasn1_6-3.6-1.1.mga4
libtasn1-tools-3.6-1.1.mga4
libtasn1-devel-3.6-1.1.mga4

from libtasn1-3.6-1.1.mga4.src.rpm

Version: Cauldron => 4
Blocks: 14674 => (none)
Assignee: bugsquad => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => has_procedure

Comment 4 David Walser 2015-03-31 18:56:44 CEST 
I repeated Claire's test from here:
https://bugs.mageia.org/show_bug.cgi?id=13456#c1

Same results on Mageia 4 i586 with the update.

Whiteboard: has_procedure => has_procedure MGA4-32-OK

Comment 5 claire robinson 2015-04-03 14:07:17 CEST 
Validating. Advisory uploaded.

Please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: has_procedure MGA4-32-OK => has_procedure advisory MGA4-32-OK
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2015-04-03 15:12:07 CEST 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0128.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2015-04-03 18:07:10 CEST

URL: (none) => http://lwn.net/Vulnerabilities/639035/