Bug 4634

Summary: libxml2 new security issue CVE-2012-0841
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: davidwhodgins, dmorganec, sysadmin-bugs, tmb
Version: 1Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: libxml2-2.7.8-9.4.mga1.src.rpm CVE:
Status comment:

Description David Walser 2012-02-22 13:29:39 CET 
Mandriva issued this advisory today (February 22):
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:023

Cauldron is vulnerable as well.
Comment 1 D Morgan 2012-02-23 10:48:50 CET 
available on testing

CC: (none) => dmorganec
Assignee: bugsquad => qa-bugs

Comment 2 David Walser 2012-02-23 13:23:58 CET 
Advisory:
========================

Updated libxml2 packages fix security vulnerabilities:

It was found that the hashing routine used by libxml2 arrays was
susceptible to predictable hash collisions. Sending a specially-crafted
message to an XML service could result in longer processing time,
which could lead to a denial of service. To mitigate this issue,
randomization has been added to the hashing function to reduce the
chance of an attacker successfully causing intentional collisions
(CVE-2012-0841).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841
https://bugzilla.redhat.com/show_bug.cgi?id=787067
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:023
========================

Updated packages in core/updates_testing:
========================
libxml2-devel-2.7.8-9.5.mga1
libxml2-python-2.7.8-9.5.mga1
libxml2-utils-2.7.8-9.5.mga1
libxml2_2-2.7.8-9.5.mga1

from libxml2-2.7.8-9.5.mga1.src.rpm
Comment 3 claire robinson 2012-02-24 16:11:47 CET 
We have a wiki page for this :)

https://wiki.mageia.org/en/Testing_procedure_for_libxml2


$ python testxml.py
Tested OK

$ xmllint --auto
<?xml version="1.0"?>
<info>abc</info>

$ xmlcatalog --create
<?xml version="1.0"?>
<!DOCTYPE catalog PUBLIC "-//OASIS//DTD Entity Resolution XML Catalog V1.0//EN" "http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd">

$ strace -o strace.out chromium-browser
$ grep xml strace.out
...
open("/usr/lib64/libxml2.so.2", O_RDONLY) = 3
...

Testing complete x86_64
Comment 4 Dave Hodgins 2012-02-24 23:53:08 CET 
Testing complete on i586.

Could someone from the sysadmin team push the srpm
libxml2-2.7.8-9.5.mga1.src.rpm
from Core Updates Testing to Core Updates.

Advisory: Updated libxml2 packages fix security vulnerabilities:

It was found that the hashing routine used by libxml2 arrays was
susceptible to predictable hash collisions. Sending a specially-crafted
message to an XML service could result in longer processing time,
which could lead to a denial of service. To mitigate this issue,
randomization has been added to the hashing function to reduce the
chance of an attacker successfully causing intentional collisions
(CVE-2012-0841).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841
https://bugzilla.redhat.com/show_bug.cgi?id=787067
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:023

https://bugs.mageia.org/show_bug.cgi?id=4634

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 5 Thomas Backlund 2012-02-25 10:07:51 CET 
update pushed

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED