| Summary: | scummvm new security issue CVE-2017-17528 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | lists.jjorge, mageia, rverschelde, sysadmin-bugs |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6-64-OK | ||
| Source RPM: | scummvm-1.8.1-1.mga6.src.rpm | CVE: | CVE-2017-17528 |
| Status comment: | Patches available from upstream and Fedora | ||
|
Description
David Walser
2018-06-07 18:08:59 CEST
SUSE bug: https://bugzilla.novell.com/show_bug.cgi?id=1073248 Fedora commit: https://src.fedoraproject.org/cgit/rpms/scummvm.git/commit/?h=f27&id=3d475bb40e2d7a92d31e764115bfd54b65ffc26a CC:
(none) =>
lists.jjorge I know a ScummVM upstream maintainer, I'll ask him if it's safe for users to upgrade to 2.0.0 or if he wants to help me backport the patch to 1.8.1. Patched scummvm-2.0.0-3.mga7 pushed to Cauldron, with the addition of FreeType2 support (which adds one scummvm engine). I'm pushing the same version to Mageia 6 as scummvm-2.0.0-1.mga6. Advisory: ========= Updated scummvm package fixes security vulnerability ScummVM 1.8.1's POSIX backend does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. This update fixes it, and updates ScummVM to the latest 2.0.0 upstream release, adding support for 23 new games, and several bug fixes. References: - https://bugzilla.novell.com/show_bug.cgi?id=1073248 - https://www.scummvm.org/news/20171217/ SRPM in core/updates_testing: ============================= scummvm-2.0.0-1.mga6 RPM in core/updates_testing: ============================ scummvm-2.0.0-1.mga6 Assignee:
rverschelde =>
qa-bugs Forgot to mention the CVE number in the advisory, new one: Advisory: ========= Updated scummvm package fixes security vulnerability ScummVM 1.8.1's POSIX backend does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL (CVE-2017-17528). This update fixes it, and updates ScummVM to the latest 2.0.0 upstream release, adding support for 23 new games, and several bug fixes. References: - https://bugzilla.novell.com/show_bug.cgi?id=1073248 - https://www.scummvm.org/news/20171217/ CVE:
(none) =>
CVE-2017-17528 Installed and tested without issue. Tested using several games downloaded from https://www.scummvm.org/games/ System: Mageia 6, x86_64, Plasma DE, LXQt DE, Intel CPU, nVidia GPU using nvidia340 proprietary driver. $ uname -a Linux marte 4.14.44-desktop-2.mga6 #1 SMP Mon May 28 22:35:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ rpm -q scummvm scummvm-2.0.0-1.mga6 CC:
(none) =>
mageia Validating
claire robinson
2018-06-14 18:10:45 CEST
Keywords:
(none) =>
validated_update An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0278.html Status:
NEW =>
RESOLVED |