Bug 20450

Fixed on cauldron

Whiteboard: MGA5TOO => (none)
CVE: (none) => CVE-2017-6318
Version: Cauldron => 5
CC: (none) => mageia

Patched package uploaded for Mageia 5.

Advisory:
========================

Updated sane packages fix security vulnerability:

saned could have leaked uninitialized memory back to its requesters for some
opcodes, allowing for information disclosure of saned memory (CVE-2017-6318).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6318
https://lists.opensuse.org/opensuse-updates/2017-03/msg00016.html
========================

Updated packages in core/updates_testing:
========================
libsane1-1.0.24-10.2.mga5
libsane1-devel-1.0.24-10.2.mga5
sane-backends-1.0.24-10.2.mga5
sane-backends-iscan-1.0.24-10.2.mga5
sane-backends-doc-1.0.24-10.2.mga5
saned-1.0.24-10.2.mga5

from sane-1.0.24-10.2.mga5.src.rpm

CC: (none) => lists.jjorge
Assignee: lists.jjorge => qa-bugs

OK with HP Officejet 6110, in a 32-bit install, using Intel motherboard, Core 2 Duo, Intel graphics, when called using the xsane plugin of Gimp.

Previewed and scanned an old photo, both in color and grayscale.

Whiteboard: (none) => mga5-32-ok
CC: (none) => andrewsfarm

In VirtualBox, M5.1, KDE, 34-bit

Package(s) under test:
saned

default install of sane xsane libsane1 sane-backends sane-backends-iscan sane-backends-doc saned

[root@localhost wilcal]# uname -a
Linux localhost 4.4.74-desktop-1.mga5 #1 SMP Mon Jun 26 07:50:58 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi sane
Package sane-backends-1.0.24-10.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi xsane
Package xsane-0.999-5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi libsane1
Package libsane1-1.0.24-10.mga5.i586 is already installed
[root@localhost wilcal]# urpmi sane-backends
Package sane-backends-1.0.24-10.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi sane-backends-iscan
Package sane-backends-iscan-1.0.24-10.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi sane-backends-doc
Package sane-backends-doc-1.0.24-10.mga5.noarch is already installed
[root@localhost wilcal]# urpmi saned
Package saned-1.0.24-10.mga5.x86_64 is already installed

xsane scans documents and outputs to a file that can be edited by Gimp

install sane xsane libsane1 sane-backends sane-backends-iscan sane-backends-doc
saned from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost 4.4.74-desktop-1.mga5 #1 SMP Mon Jun 26 07:50:58 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi sane
Package sane-backends-1.0.24-10.2.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi xsane
Package xsane-0.999-5.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi libsane1
Package libsane1-1.0.24-10.2.mga5.i586 is already installed
[root@localhost wilcal]# urpmi sane-backends
Package sane-backends-1.0.24-10.2.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi sane-backends-iscan
Package sane-backends-iscan-1.0.24-10.2.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi sane-backends-doc
Package sane-backends-doc-1.0.24-10.2.mga5.noarch is already installed
[root@localhost wilcal]# urpmi saned
Package saned-1.0.24-10.2.mga5.x86_64 is already installed

xsane scans documents and outputs to a file that can be edited by Gimp

CC: (none) => wilcal.int

This update works fine.
Testing complete for MGA5, 32-bit & 64-bit
Validating the update.
Could someone from the sysadmin team push to updates.
Thanks

Whiteboard: mga5-32-ok => mga5-32-ok mga5-64-ok
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0208.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED