Bug 29294

Summary:	aspell new security issue CVE-2019-25051
Product:	Mageia	Reporter:	David Walser <luigiwalser>
Component:	Security	Assignee:	QA Team <qa-bugs>
Status:	RESOLVED FIXED	QA Contact:	Sec team <security>
Severity:	major
Priority:	Normal	CC:	geiger.david68210, herman.viaene, mageia, ouaurelien, sysadmin-bugs
Version:	8	Keywords:	advisory, validated_update
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:	MGA8-64-OK
Source RPM:	aspell-0.60.8-4.mga8.src.rpm	CVE:	CVE-2019-25051
Status comment:

Description David Walser 2021-07-27 17:03:42 CEST

Ubuntu has issued an advisory on July 26:
https://ubuntu.com/security/notices/USN-5023-1

Mageia 8 is also affected.

David Walser 2021-07-27 17:03:59 CEST

Whiteboard: (none) => MGA8TOO
Status comment: (none) => Patch available from Ubuntu
CC: (none) => geiger.david68210

Comment 1 Nicolas Lécureuil 2021-07-27 19:17:31 CEST

fixed in mga8/9

src:
    - aspell-0.60.8-4.1.mga8

Status comment: Patch available from Ubuntu => (none)
Assignee: bugsquad => qa-bugs
CC: (none) => mageia
Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8

Comment 2 David Walser 2021-07-27 19:20:37 CEST

aspell-0.60.8-4.1.mga8
aspell-manual-0.60.8-4.1.mga8
libaspell15-0.60.8-4.1.mga8
libaspell-devel-0.60.8-4.1.mga8

from aspell-0.60.8-4.1.mga8.src.rpm

Comment 3 Herman Viaene 2021-07-28 15:13:31 CEST

MGA8-64 Plasma on Lenovo B50.
No installation issues.
Remark that aspell was not previously installed here, and this being a Dutch installation, it draws in the appropriate language pack. Fine!!
Ref bug 25640 for previous test, so tried
# urpmq --whatrequires aspell
but that returned nothing else but its own packages.
Tried
# urpmq --whatrequires-recursive aspell
and that added one package: ding.
Installed that one, it is a German/English Dictionary Look Up Program, it did indeed draw in these two language packs.
Run it and entered the word "werbung" and got a correct English word "advertisement" back, plus it listed and translated a bunch of other word/expressions that are connected with the word "werbung". Impressive, I wish it could handle other languages.
Update OK for me.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA8-64-OK

Comment 4 Aurelien Oudelet 2021-07-28 20:41:51 CEST

Advisory:
========================

Updated aspell packages fix security vulnerability:

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list) (CVE-2019-25051).

References:
 - https://bugs.mageia.org/show_bug.cgi?id=29294
 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25051
 - https://ubuntu.com/security/notices/USN-5023-1
========================

Updated packages in core/updates_testing:
========================
aspell-0.60.8-4.1.mga8
aspell-manual-0.60.8-4.1.mga8
lib(64)aspell15-0.60.8-4.1.mga8
lib(64)aspell-devel-0.60.8-4.1.mga8

from aspell-0.60.8-4.1.mga8.src.rpm

CC: (none) => ouaurelien

Comment 5 Aurelien Oudelet 2021-07-28 20:43:58 CEST

Validating.

Keywords: (none) => advisory, validated_update
CVE: (none) => CVE-2019-25051
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2021-07-28 22:02:06 CEST

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0388.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED