| Summary: | expat new security issues CVE-2012-6702 and CVE-2016-5300 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | lewyssmith, marja11, sysadmin-bugs, tmb |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/690403/ | ||
| Whiteboard: | has_procedure MGA5-32-OK MGA5-64-OK advisory | ||
| Source RPM: | expat-2.1.1-2.mga6.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2016-06-04 23:25:26 CEST
David Walser
2016-06-04 23:25:51 CEST
Whiteboard:
(none) =>
MGA5TOO
Marja Van Waes
2016-06-05 13:51:33 CEST
CC:
(none) =>
marja11 Debian has issued an advisory for this on June 7: https://www.debian.org/security/2016/dsa-3597 Patched packages uploaded for Mageia 5 and Cauldron. Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=5141#c7 Advisory: ======================== Updated expat packages fix security vulnerabilities: An issue was introduced when CVE-2012-0876 was addressed. Stefan Sørensen discovered that the use of the function XML_Parse() seeds the random number generator generating repeated outputs for rand() calls (CVE-2012-6702). Due to an incomplete solution for CVE-2012-0876, the parser poorly seeds the random number generator allowing an attacker to cause a denial of service (CPU consumption) via an XML file with crafted identifiers (CVE-2016-5300). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300 https://www.debian.org/security/2016/dsa-3597 ======================== Updated packages in core/updates_testing: ======================== expat-2.1.0-9.3.mga5 libexpat1-2.1.0-9.3.mga5 libexpat-devel-2.1.0-9.3.mga5 from expat-2.1.0-9.3.mga5.src.rpm URL:
(none) =>
http://lwn.net/Vulnerabilities/690403/ Testing M5 x64 > Testing procedure: > https://bugs.mageia.org/show_bug.cgi?id=5141#c7 We now have (thanks to David) a dedicated Wiki for this: https://wiki.mageia.org/en/QA_procedure:Expat [Although I cannot find the link between 'xmlwf' and expat] With both testdata.xml & testexpat.py; xmlwf gives no O/P if the file is OK. BEFORE update: $ xmlwf /etc/xml/catalog $ xmlwf /etc/passwd /etc/passwd:1:16: not well-formed (invalid token) $ xmlwf testdata.xml $ python testexpat.py Tested OK AFTER update: expat-2.1.0-9.3.mga5 lib64expat1-2.1.0-9.3.mga5 lib64expat-devel-2.1.0-9.3.mga5 Results were all the same as above, i.e. correct. Update looks OK. CC:
(none) =>
lewyssmith (In reply to Lewis Smith from comment #2) > [Although I cannot find the link between 'xmlwf' and expat] xmlwf is a command in the expat package. Tested fine on Mageia 5 i586. Whiteboard:
has_procedure MGA5-64-OK =>
has_procedure MGA5-32-OK MGA5-64-OK Validating. Advisory to follow. Keywords:
(none) =>
validated_update advisory added CC:
(none) =>
tmb An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0227.html Status:
NEW =>
RESOLVED (In reply to Thomas Backlund from comment #6) > advisory added with an incorrect CVE identifier (2016 instead of 2012). Fixed in SVN. |