Bug 28556

Summary: libcaca new security issue CVE-2021-3410
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: andrewsfarm, mageia, ouaurelien, sysadmin-bugs
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7TOO MGA7-64-OK MGA8-64-OK
Source RPM: libcaca-0.99-0.beta19.5.mga8.src.rpm CVE: CVE-2021-3410
Status comment:

Description David Walser 2021-03-08 17:57:48 CET 
Debian-LTS has issued an advisory today (March 8):
https://www.debian.org/lts/security/2021/dla-2584

Mageia 7 and Mageia 8 are also affected.
David Walser 2021-03-08 17:58:04 CET

Whiteboard: (none) => MGA8TOO, MGA7TOO
Status comment: (none) => Patches available from upstream and Debian

Comment 1 Lewis Smith 2021-03-08 20:20:58 CET 
This SRPM has various committers, so assigning this bug globally.

Assignee: bugsquad => pkg-bugs

Comment 2 Nicolas Lécureuil 2021-03-08 22:28:23 CET 
Fixed in cauldron.

Patch added in mga7/8:
      - mageia 7:
            - libcaca-0.99-0.beta19.3.1.mga7
      - mageia 8:
            - libcaca-0.99-0.beta19.5.1.mga8

CC: (none) => mageia
Assignee: pkg-bugs => qa-bugs
Status comment: Patches available from upstream and Debian => (none)

Nicolas Lécureuil 2021-03-08 22:28:40 CET

Whiteboard: MGA8TOO, MGA7TOO => MGA7TOO
Version: Cauldron => 8

Comment 3 David Walser 2021-03-08 22:57:03 CET 
Advisory:
========================

Updated libcaca packages fix security vulnerability:

A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may
lead to local execution of arbitrary code in the user context (CVE-2021-3410).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3410
https://www.debian.org/lts/security/2021/dla-2584
========================

Updated packages in core/updates_testing:
========================
libcaca0-0.99-0.beta19.3.1.mga7
libcaca-devel-0.99-0.beta19.3.1.mga7
caca-utils-0.99-0.beta19.3.1.mga7
ruby-caca-0.99-0.beta19.3.1.mga7
python-caca-0.99-0.beta19.3.1.mga7
libcaca0-0.99-0.beta19.5.1.mga8
libcaca-devel-0.99-0.beta19.5.1.mga8
caca-utils-0.99-0.beta19.5.1.mga8
python3-caca-0.99-0.beta19.5.1.mga8
ruby-caca-debuginfo-0.99-0.beta19.5.1.mga8

from SRPMS:
libcaca-0.99-0.beta19.3.1.mga7.src.rpm
libcaca-0.99-0.beta19.5.1.mga8.src.rpm
Comment 4 Thomas Andrews 2021-03-11 01:16:19 CET 
Tested in both releases in 64-bit Plasma installs on an AMD Phenom II 910, Radeon HD 8490 graphics.

Both installs already had libcaca0 installed. Installed caca-utils and tried some of the demos suggested in https://bugs.mageia.org/show_bug.cgi?id=24208#c8 

Updated packages, no installation issues in either install. Tried cacaview, cacafire, and cacademo, all worked. I believe that should be sufficient.

OKing, and validating. Advisory in Comment 3.

CC: (none) => andrewsfarm, sysadmin-bugs
Whiteboard: MGA7TOO => MGA7TOO MGA7-64-OK MGA8-64-OK
Keywords: (none) => validated_update

Comment 5 Aurelien Oudelet 2021-03-11 23:00:42 CET 
Advisory committed to SVN.

CVE: (none) => CVE-2021-3410
CC: (none) => ouaurelien
Keywords: (none) => advisory

Comment 6 Mageia Robot 2021-03-12 02:27:46 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0128.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED