Bug 21062

Summary:	rxvt-unicode new possible security issue related to CVE-2017-7483
Product:	Mageia	Reporter:	David Walser <luigiwalser>
Component:	Security	Assignee:	QA Team <qa-bugs>
Status:	RESOLVED FIXED	QA Contact:	Sec team <security>
Severity:	normal
Priority:	Normal	CC:	cae, davidwhodgins, jim, lewyssmith, sysadmin-bugs
Version:	5	Keywords:	validated_update
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:	advisory MGA5-64-OK MGA5-32-Ok
Source RPM:	rxvt-unicode-9.22-1.mga6.src.rpm	CVE:
Status comment:

Description David Walser 2017-06-10 02:50:28 CEST

openSUSE has issued an advisory today (June 9):
https://lists.opensuse.org/opensuse-updates/2017-06/msg00028.html

They added a patch to harden against possible issues similar to CVE-2017-7483 in rxvt.

Mageia 5 is also affected.

David Walser 2017-06-10 02:50:35 CEST

Whiteboard: (none) => MGA5TOO

Comment 1 David Walser 2017-06-10 17:57:05 CEST

Patched packages uploaded for Mageia 5 and Cauldron.

Advisory:
========================

The rxvt-unicode package has been patched to harden it against potential
integer overflow issues when printing escape sequences.

References:
https://lists.opensuse.org/opensuse-updates/2017-06/msg00028.html
========================

Updated packages in core/updates_testing:
========================
rxvt-unicode-9.20-5.1.mga5

from rxvt-unicode-9.20-5.1.mga5.src.rpm

Whiteboard: MGA5TOO => (none)
Version: Cauldron => 5
Assignee: bugsquad => qa-bugs

Dave Hodgins 2017-06-13 05:30:12 CEST

Whiteboard: (none) => advisory
CC: (none) => davidwhodgins

Comment 2 Lewis Smith 2017-06-14 11:36:59 CEST

Testing Mageia 5 64-bit
A color VT102 terminal emulator for the X Window System.

 https://bugs.mageia.org/show_bug.cgi?id=13299#c7
has a PoC from a previous update (thanks yet again to Claire), shown below post update. The 'after' case should apply here.

Installed version rxvt-unicode-9.20-5.mga5 from normal repos, tried it briefly without exercising its specialitites. Had not then discovered the earlier test...
-------------------------------------
Updated to: rxvt-unicode-9.20-5.1.mga5
It seems to work normally. This time I did the old PoC:
 $ echo $'\e]3;?WM_CLASS\x07'; read -d $'\a' x; printf "\n%q\n" "$x";
 
 ^[]3;^G
 $'\E]3;'
and the ouptut is correct (believe it!).

Update OK.

CC: (none) => lewyssmith
Whiteboard: advisory => advisory MGA5-64-OK

Comment 3 James Kerr 2017-06-28 15:58:37 CEST

On mga5-32 in a vbox VM

Installed from /release:

- ncurses-extraterms-5.9-21.mga5.i586
- rxvt-unicode-9.20-5.mga5.i586

following Lewis' lead tested previous POC

$ echo $'\e]3;?WM_CLASS\x07'; read -d $'\a' x; printf "\n%q\n" "$x";

^[]3;^G
$'\E]3;'

Update installed cleanly:

- rxvt-unicode-9.20-5.1.mga5.i586

repeated test:

~]$ echo $'\e]3;?WM_CLASS\x07'; read -d $'\a' x; printf "\n%q\n" "$x";

^[]3;^G
$'\E]3;'

Also ran several commands including mc. 
All seemed to work as expected.

OK for mga5-32

Is there a way to increase the font size in this thing? I could barely read it.

Whiteboard: advisory MGA5-64-OK => advisory MGA5-64-OK MGA5-32-Ok
CC: (none) => jim

Comment 4 James Kerr 2017-06-28 16:01:13 CEST

This update is now validated and can be pushed to updates

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 5 Charles Edwards 2017-06-28 17:41:53 CEST

(In reply to James Kerr from comment #3)
 
> Is there a way to increase the font size in this thing? I could barely read
> it.

Unless you are planning to be a regular urxvt user and want to know everything about it, the simplest way to increase the font size is to create ~.Xdefaults and add the line

URxvt.font: 9x15

When next launched urxvt will use misc-fixed-medium-r-normal--15-140-75-75-c-90-iso8859-1 which will be easy to read.

CC: (none) => cae

Comment 6 Mageia Robot 2017-06-29 23:48:00 CEST

An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0193.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED