| Summary: | expat new security issue fixed upstream in 2.2.7 (CVE-2018-20843) | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, herman.viaene, shlomif, sysadmin-bugs, tarazed25, tmb |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6TOO MGA6-64-OK MGA7-64-OK | ||
| Source RPM: | expat-2.2.6-2.mga7.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2019-06-28 14:13:21 CEST
David Walser
2019-06-28 14:13:35 CEST
Whiteboard:
(none) =>
MGA7TOO, MGA6TOO I think this is yours, Shlomi. CC:
(none) =>
lewyssmith Debian has issued an advisory for this on June 28: https://www.debian.org/security/2019/dsa-4472 Ubuntu has issued an advisory for this on June 26: https://usn.ubuntu.com/4040-1/ Shlomi updated Cauldron to 2.2.7 on June 29. Shlomi uploaded an updated package for Mageia 7. Waiting for Mageia 6... expat-2.2.7-1.mga7 libexpat1-2.2.7-1.mga7 libexpat-devel-2.2.7-1.mga7 Version:
Cauldron =>
7 Advisory: ======================== Updated expat packages fix security vulnerability: It was discovered that Expat did not properly handled XML input including XML names that contain a large number of colons, potentially resulting in denial of service (CVE-2018-20843). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843 https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes https://www.debian.org/security/2019/dsa-4472 ======================== Updated packages in core/updates_testing: ======================== expat-2.2.7-1.mga6 libexpat1-2.2.7-1.mga6 libexpat-devel-2.2.7-1.mga6 expat-2.2.7-1.mga7 libexpat1-2.2.7-1.mga7 libexpat-devel-2.2.7-1.mga7 from SRPMS: expat-2.2.7-1.mga6.src.rpm expat-2.2.7-1.mga7.src.rpm Assignee:
shlomif =>
qa-bugs MGA6-64 Plasma on Lenovo B50 No installation issues Followed tests as described in https://wiki.mageia.org/en/QA_procedure:Expat $ python testexpat.py Tested OK $ xmlwf /etc/xml/catalog $ xmlwf /etc/passwd /etc/passwd:1:16: not well-formed (invalid token) All seems OK. CC:
(none) =>
herman.viaene
Lewis Smith
2019-09-08 09:02:42 CEST
CC:
lewyssmith =>
(none) mga7, x86_64 CVE-2018-20843 https://bugzilla.suse.com/show_bug.cgi?id=1139937&_ga=2.66152878.104103968.1568393798-120638559.1565709153 $ xmlwf clusterfuzz-testcase-4543406568112128.txt clusterfuzz-testcase-4543406568112128.txt:1:88403: no element found This is the expected result. Also:- $ valgrind xmlwf clusterfuzz-testcase-4543406568112128.txt One CPU core hit 99% and stayed there.... for a while. "no element found" was reported. Updated the packages and ran the POC. $ xmlwf clusterfuzz-testcase-4543406568112128.txt clusterfuzz-testcase-4543406568112128.txt:1:88403: no element found That returned immediately as did the valgrind test. Issue fixed. Followed the Mageia wiki test as reported in comment 6. $ edit testexpat.py $ edit testdata.xml $ python testexpat.py Tested OK $ python3 testexpat.py Tested OK $ xmlwf /etc/xml/catalog $ xmlwf /etc/passwd /etc/passwd:1:16: not well-formed (invalid token) OK for mga7 as well. CC:
(none) =>
tarazed25 Validating. Advisory in Comment 5. Keywords:
(none) =>
validated_update
Thomas Backlund
2019-09-15 11:53:11 CEST
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0274.html Status:
NEW =>
RESOLVED
portaitheap portaitheap
2022-01-24 19:44:13 CET
CC:
(none) =>
nillremilton
Dave Hodgins
2022-01-24 20:40:21 CET
CC:
nillremilton =>
davidwhodgins |