Bug 15668

Summary: xterm buffer overflow in -S option fixed upstream in 314
Product: Mageia Reporter: David Walser <luigiwalser>
Component: RPM PackagesAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: sysadmin-bugs
Version: 4Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/639785/
Whiteboard: has_procedure advisory MGA4-32-OK mga4-64-ok
Source RPM: xterm-300-1.mga4.src.rpm CVE:
Status comment:

Description David Walser 2015-04-09 20:06:10 CEST 
Fedora has issued an advisory on March 5:
https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154509.html

More information about this issue is in this thread:
http://openwall.com/lists/oss-security/2015/03/03/1

It doesn't sound like it's really a security issue, just a very minor bug.

I fixed this in Cauldron a month ago by updating to 315.

Patched package uploaded for Mageia 4.

Advisory:
----------------------------------------

The xterm program could crash when called with the -S option due to a buffer
overflow.

References:
https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154509.html
http://openwall.com/lists/oss-security/2015/03/03/1
----------------------------------------

Updated packages in core/updates_testing:
----------------------------------------
xterm-300-1.1.mga4

from xterm-300-1.1.mga4.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2015-04-09 21:19:14 CEST 
Confirmed the crash and the fix for the buffer overflow.  General usage is fine.

Whiteboard: (none) => has_procedure MGA4-32-OK

Comment 2 claire robinson 2015-04-10 15:36:48 CEST 
Before
------
$ xterm -S/dev/pts/20
*** buffer overflow detected ***: xterm terminated
======= Backtrace: =========
...etc

After
-----
$ xterm -S/dev/pts/20
xterm: Error 12, errno 9: Bad file descriptor
Reason: main: ioctl() failed on F_GETFL

Whiteboard: has_procedure MGA4-32-OK => has_procedure MGA4-32-OK mga4-64-ok

Comment 3 claire robinson 2015-04-10 15:41:28 CEST 
Validating. Advisory uploaded.

Please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: has_procedure MGA4-32-OK mga4-64-ok => has_procedure advisory MGA4-32-OK mga4-64-ok
CC: (none) => sysadmin-bugs

Comment 4 Mageia Robot 2015-04-15 11:02:12 CEST 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGAA-2015-0036.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED