| Summary: | python-m2crypto new buffer overflow security issue | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | davidwhodgins, sysadmin-bugs, tarazed25 |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/665047/ | ||
| Whiteboard: | has_procedure advisory MGA5-64-OK MGA5-32-OK | ||
| Source RPM: | python-m2crypto-0.22.3-5.mga5.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2015-11-19 18:14:42 CET
David Walser
2015-11-19 18:14:50 CET
Whiteboard:
(none) =>
MGA5TOO updated to python-m2crypto-0.22.5 and patched in Cauldron mga6 and in mga5 In 5/core/update_testing : python-m2crypto-0.22.5-1.mga5.i586 python-m2crypto-0.22.5-1.mga5.x86_64 from : python-m2crypto-0.22.5-1.mga5.src In 6/core/release : python-m2crypto-0.22.5-1.mga6.i586 python-m2crypto-0.22.5-1.mga6.x86_64 from : python-m2crypto-0.22.5-1.mga6.src Assignee:
makowski.mageia =>
security Advisory: ======================== Updated python-m2crypto package fixes security vulnerability: A bug was found in pbkdf2 function of m2crypto package, such that when given a 74 byte result, a buffer overflow occurs leading to crash of the application (rhbz#1271165). References: https://lists.fedoraproject.org/pipermail/package-announce/2015-November/172083.html Version:
Cauldron =>
5
Dave Hodgins
2015-11-20 19:29:17 CET
CC:
(none) =>
davidwhodgins mga5 x86_64 Mate $ sudo urpmi python-m2crypto Package python-m2crypto-0.22.3-5.mga5.x86_64 is already installed Ran the interactive python test as described in the reference URL: $ python >>> import M2Crypto >>> M2Crypto.EVP.pbkdf2('foo', 'abc', 1, 74) *** stack smashing detected ***: python terminated ======= Backtrace: ========= /lib64/libc.so.6(+0x7241e)[0x7fc15f32441e] ..... 7fc15d262000-7fc15d461000 ---p 0001a000 08:03 27263891 /usr/lib64/libz.so.1.2.8Abort Updated to python-m2crypto-0.22.5-1 and ran the test again $ python Python 2.7.9 (default, Dec 14 2014, 10:12:16) [GCC 4.9.2] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import M2Crypto >>> M2Crypto.EVP.pbkdf2('foo', 'abc', 1, 74) '2n\x13\xdd\xab\xb1N\xbc\xc0\xb3\x16\x85\xb1_(#\x02\xe6\x92L\xf6\xb6\xf8<\x80\xb7v\xc8\xec\x83tZ\xfd4\x9f\r\xea>?\x1d\xbb\x9b\xe3\xe1"\xc9W\x9e\x80\xdc\x0e\x16t\x06\x8e\x86~q\x82\xd2,\xaaa\xb1\x06+4k\x1dg\xf7CXF' >>> exit() Assuming that this is an expected result, 64-bit OK. CC:
(none) =>
tarazed25
Len Lawrence
2015-11-22 01:34:45 CET
Whiteboard:
advisory =>
has_procedure advisory MGA5-64-OK mga5 i586 in vbox Mate
$ sudo urpmi python-m2crypto
installing python-m2crypto-0.22.3-5.mga5.i586.rpm from /var/cache/urpmi/rpms
$ python
>>> import M2Crypto
>>> M2Crypto.EVP.pbkdf2('foo', 'abc', 1, 74)
*** stack smashing detected ***: python terminated
Backtrace then the abort message.
After update:
Ran the test as above and it returned precisely the same encryption information as in the 64-bit test.
Len Lawrence
2015-11-22 01:50:43 CET
Whiteboard:
has_procedure advisory MGA5-64-OK =>
has_procedure advisory MGA5-64-OK MGA5-32-OK
Len Lawrence
2015-11-22 17:56:04 CET
Keywords:
(none) =>
validated_update Well done Len An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0458.html Status:
NEW =>
RESOLVED |