Bug 19157

Summary: fontconfig new security issue CVE-2016-5384
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: herman.viaene, lewyssmith, sysadmin-bugs, tarazed25
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/696807/
Whiteboard: MGA5-32-OK MGA5-64-OK advisory
Source RPM: fontconfig-2.11.1-4.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-08-08 21:57:44 CEST 
Debian has issued an advisory today (August 8):
https://lists.debian.org/debian-security-announce/2016/msg00222.html

The DSA will hopefully be posted here:
https://www.debian.org/security/2016/dsa-3644

Patched packages uploaded for Mageia 5 and Cauldron.

Advisory:
========================

Updated fontconfig packages fix security vulnerability:

Tobias Stoeckmann discovered that cache files are insufficiently validated in
fontconfig, a generic font configuration library. An attacker can trigger
arbitrary free() calls, which in turn allows double free attacks and therefore
arbitrary code execution. In combination with setuid binaries using crafted
cache files, this could allow privilege escalation (CVE-2016-5384).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384
https://lists.debian.org/debian-security-announce/2016/msg00222.html
========================

Updated packages in core/updates_testing:
========================
fontconfig-2.11.1-4.1.mga5
libfontconfig1-2.11.1-4.1.mga5
libfontconfig-devel-2.11.1-4.1.mga5

from fontconfig-2.11.1-4.1.mga5.src.rpm
David Walser 2016-08-09 20:11:31 CEST

URL: (none) => http://lwn.net/Vulnerabilities/696807/

Comment 1 Herman Viaene 2016-08-11 14:32:46 CEST 
MGA5-32 on Acer D620 Xfce
No installation issues
Used at CLI
$ fc-scan /usr/share/fonts/75dpi/courR24-ISO8859-1.pcf.gz
and got same result before and after the update.

CC: (none) => herman.viaene

Herman Viaene 2016-08-11 14:33:01 CEST

Whiteboard: (none) => MGA5-32-OK

Comment 2 Len Lawrence 2016-08-12 23:56:20 CEST 
Confirmed Herman's results for 64-bits, before and after update.

CC: (none) => tarazed25

Len Lawrence 2016-08-12 23:56:37 CEST

Whiteboard: MGA5-32-OK => MGA5-32-OK MGA5-64-OK

Comment 3 Lewis Smith 2016-08-13 09:20:54 CEST 
Update validated, and Advisory uploaded.

Keywords: (none) => validated_update
Whiteboard: MGA5-32-OK MGA5-64-OK => MGA5-32-OK MGA5-64-OK advisory
CC: (none) => lewyssmith, sysadmin-bugs

Comment 4 Mageia Robot 2016-08-31 17:33:48 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0287.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED