Bug 31879

Summary:	sniproxy new security issue CVE-2023-25076
Product:	Mageia	Reporter:	David Walser <luigiwalser>
Component:	Security	Assignee:	QA Team <qa-bugs>
Status:	RESOLVED FIXED	QA Contact:	Sec team <security>
Severity:	normal
Priority:	Normal	CC:	andrewsfarm, davidwhodgins, geiger.david68210, herman.viaene, nicholaswhitmarsh31, sysadmin-bugs, zetisonapi
Version:	8	Keywords:	advisory, validated_update
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:	MGA8-64-OK
Source RPM:	sniproxy-0.6.0-3.mga8.src.rpm	CVE:
Status comment:

Description David Walser 2023-05-06 22:39:34 CEST

Debian-LTS has issued an advisory on April 30:
https://www.debian.org/lts/security/2023/dla-3406

The issue is fixed upstream in 0.6.1.

Comment 1 Lewis Smith 2023-05-07 20:54:35 CEST

Is it OK to assign this to you, David, as you have already put v0.6.1 into Cauldron. This bug is for M8.

Assignee: bugsquad => geiger.david68210

Comment 2 David GEIGER 2023-05-07 21:08:42 CEST

Done for mga8!

Comment 3 David Walser 2023-05-07 21:20:05 CEST

sniproxy-0.6.1-1.mga8

from sniproxy-0.6.1-1.mga8.src.rpm

CC: (none) => geiger.david68210
Assignee: geiger.david68210 => qa-bugs

Comment 4 Herman Viaene 2023-05-16 11:48:07 CEST

MGA8-64 MATE on Acer Aspire 5253
No installation issues.
No wiki or previous updates. If I understand this correctly, this would allow two different webservices to share the same port 443. But googling on it https://gist.github.com/pjamar/6812af8354746f9bffd0
links it to sandstorm and that seems not to be in our repos.
So, I stopped httpd, installed sniproxy, restarted httpf and pointed firefox to localhost, and got the confirmation "It works!".
So I give the OK based on not disturbing the system, someoen els might find some better test, then plse have a go at it.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA8-64-OK

Comment 5 Thomas Andrews 2023-05-19 01:48:52 CEST

Validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2023-05-21 03:10:32 CEST

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 6 Mageia Robot 2023-05-21 10:44:23 CEST

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0178.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Comment 7 zetisno zetisno 2023-11-03 09:13:07 CET Comment hidden (spam)

Video games can help players develop problem-solving skills. They often require players to use critical thinking and creativity to overcome challenges.
https://spacebar-clicker.com/

CC: (none) => zetisonapi

Comment 8 Nicholas Whitmarsh 2023-12-12 09:07:02 CET Comment hidden (spam)

Spacebar counter is a great tool to speed up your spacebar button. It is an online tool and completely free for everyone. To visit this tool you just need to click on the spacebar counter and reach the spacebar tool, try to press the spacebar button as fast as possible, your spacebar speed will definitely increase.


https://spacebarcounter.org

CC: (none) => nicholaswhitmarsh31