| Summary: | openslp new security issue CVE-2019-5544 | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | | |
| Priority: | Normal | CC: | andrewsfarm, cooker, herman.viaene, smelror, sysadmin-bugs, tmb |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | MGA7-64-OK | | |
| Source RPM: | openslp-2.0.0-10.mga7.src.rpm | CVE: | |
| Status comment: | Patch is available | | |
Description
David Walser
2019-12-07 16:37:46 CET
David Walser
2019-12-07 16:38:04 CET
Whiteboard: (none) => MGA7TOO

Assign/CC to Johnny & Stig as most recent committers. No registered maintainer.

CC: (none) => smelror

Debian-LTS has issued an advisory for this on December 8:
https://www.debian.org/lts/security/2019/dla-2025

RedHat has issued an advisory for this on December 16:
https://access.redhat.com/errata/RHSA-2019:4240

Fedora has issued an advisory for this on December 18:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZPXXJZLPLAQULBCJVI5NNWZ3PGWXGXWG/

Severity: normal => critical
David Walser
2020-01-14 17:42:29 CET
Status comment: (none) => Patch is available

I have uploaded a patched mga7 package that fixes this.
(I have no idea how you test this)

Suggested advisory:

========================

A heap-based buffer overflow was discovered in OpenSLP in the way the slpd service processes URLs in service request messages. A remote unauthenticated attacker could register a service with a specially crafted URL that, when used during a service request message, would trigger the flaw and cause the program to crash or to remotely execute code with the privileges of the slpd service.

This update fixes this.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5544
https://www.openwall.com/lists/oss-security/2019/12/06/1

Updated packages in 7/core/updates_testing

========================

openslp-2.0.0-10.1.mga7

Source RPM:
openslp-2.0.0-10.1.mga7.src.rpm

Assignee: cooker => qa-bugs
Thomas Backlund
2020-01-31 16:04:25 CET
Whiteboard: MGA7TOO => (none)

MGA7-64 Plasma on Lenovo B50
No installation issues.
Ref bug 7081 for tests.

```
# systemctl -l status slpd
● slpd.service - LSB: OpenSLP daemon for the Service Location Protocol
   Loaded: loaded (/etc/rc.d/init.d/slpd; generated)
   Active: inactive (dead)
     Docs: man:systemd-sysv-generator(8)
# systemctl -l start slpd
# systemctl -l status slpd
● slpd.service - LSB: OpenSLP daemon for the Service Location Protocol
   Loaded: loaded (/etc/rc.d/init.d/slpd; generated)
   Active: active (running) since Fri 2020-02-07 14:33:46 CET; 3s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 19721 ExecStart=/etc/rc.d/init.d/slpd start (code=exited, status=0/SUCCESS)
   Memory: 1.6M
   CGroup: /system.slice/slpd.service
           └─19737 /usr/sbin/slpd

feb 07 14:33:45 mach5.hviaene.thuis systemd[1]: Starting LSB: OpenSLP daemon for the Service Location Protocol...
feb 07 14:33:46 mach5.hviaene.thuis slpd[19721]: Starting slpd: Multicast Route Enabled[ OK ]
feb 07 14:33:46 mach5.hviaene.thuis systemd[1]: Started LSB: OpenSLP daemon for the Service Location Protocol.
```

then

```
$ slptool findsrvs service:service-agent
service:service-agent://192.168.2.5,65535
```

which is OK

Whiteboard: (none) => MGA7-64-OK

Validating. Advisory in Comment 5.

Keywords: (none) => validated_update
Thomas Backlund
2020-02-09 19:05:23 CET
Keywords: (none) => advisory

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0075.html

Status: ASSIGNED => RESOLVED