Bug 27329

Summary: libraw new security issue CVE-2020-24890
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: All Packagers <pkg-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: geiger.david68210, jani.valimaa, mageia, nicolas.salguero, ouaurelien
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: libraw-0.20.0-1.mga8.src.rpm CVE: CVE-2020-24890
Status comment:

Description David Walser 2020-09-26 20:05:18 CEST 
Fedora has issued an advisory today (September 26):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EWHUZCRMGOC3QS6C65KWBM6ZJM25V6HI/

Mageia 7 is also affected.
David Walser 2020-09-26 20:05:30 CEST

Whiteboard: (none) => MGA7TOO

Comment 1 Aurelien Oudelet 2020-09-26 23:28:34 CEST 
Thanks reporting this.
Sadly assigning to all packagers.

(Packagers: Please change status to "Assigned" when you are working on this.)

Assignee: bugsquad => pkg-bugs
CC: (none) => ouaurelien

Comment 2 Aurelien Oudelet 2020-09-26 23:38:33 CEST 
CC'ed recent commiters.

CC: (none) => geiger.david68210, jani.valimaa

Comment 3 Nicolas Salguero 2020-09-30 10:04:20 CEST 
Hi,

After checking the code and the patch, I did not find any reference to the problematic code in Mageia 7 and the summary of the CVE seems to confirm that the issue only affects version 0.20.0 so the problem appears only for Cauldron.

Best regards,

Nico.

Resolution: (none) => FIXED
Whiteboard: MGA7TOO => (none)
Status: NEW => RESOLVED
CVE: (none) => CVE-2020-24890
CC: (none) => nicolas.salguero

Comment 4 David Walser 2020-09-30 14:33:58 CEST 
https://bugzilla.redhat.com/show_bug.cgi?id=1882344#c2

The code is in a different place in older versions.

Whiteboard: (none) => MGA7TOO
Resolution: FIXED => (none)
Status: RESOLVED => REOPENED

Comment 5 David Walser 2020-09-30 15:02:31 CEST 
Fixed in Cauldron by Nicolas in libraw-0.20.0-2.mga8.

Version: Cauldron => 7
Whiteboard: MGA7TOO => (none)

Comment 6 Nicolas Lécureuil 2021-03-16 00:09:26 CET 
i tested the poc and we do not seems affected in mga7:

$ cat /etc/lsb-release
LSB_VERSION=
DISTRIB_ID="Mageia"
DISTRIB_RELEASE=7
DISTRIB_CODENAME=mga7
DISTRIB_DESCRIPTION="Mageia 7"


LC_ALL=C g++ -o test -lraw -I/usr/include/ test.c

$ ./test poc
libraw finished!


 from : https://github.com/LibRaw/LibRaw/issues/335

CC: (none) => mageia
Status: REOPENED => RESOLVED
Resolution: (none) => FIXED

David Walser 2021-03-16 00:14:55 CET

Version: 7 => Cauldron