Bug 8044

Summary: Fix a security problem of buffer overflow when decoding IRC colors in strings.
Product: Mageia Reporter: Funda Wang <fundawang>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: luigiwalser, marc.lattemann, sysadmin-bugs, tmb
Version: 2Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://savannah.nongnu.org/bugs/?37704
Whiteboard: has_procedure mga2-64-OK, MGA2-32-OK
Source RPM: weechat-0.3.6-3.1.mga2 CVE:
Status comment:

Description Funda Wang 2012-11-11 14:45:41 CET 
A buffer overflow is causing a crash or freeze of WeeChat (0.36 to 0.39) when decoding IRC colors in strings. The packages have been patched to fix this problem.

Relevant packages:
weechat-0.3.6-3.1.mga2
Comment 1 claire robinson 2012-11-11 18:37:24 CET 
Is there a CVE for this Funda please?
claire robinson 2012-11-11 18:47:47 CET

CC: (none) => luigiwalser

Comment 2 Funda Wang 2012-11-11 23:40:40 CET 
No at the moment. See: http://www.weechat.org/security/
Comment 3 David Walser 2012-11-12 14:10:53 CET 
CVE requested on Saturday, should be a response here soon:
http://seclists.org/oss-sec/2012/q4/252
Comment 4 claire robinson 2012-11-13 10:36:22 CET 
SRPM: weechat-0.3.6-3.1.mga2.src.rpm
------------------------------------
weechat-aspell
weechat-charset
weechat-debug
weechat-devel
weechat-lua
weechat-perl
weechat-python
weechat-ruby
weechat-tcl
weechat
Comment 5 David Walser 2012-11-13 12:28:36 CET 
This is CVE-2012-5854.

http://seclists.org/oss-sec/2012/q4/268
Comment 6 claire robinson 2012-11-13 16:55:15 CET 
Weechat is an irc client for the terminal

Start with 
$ weechat

Connect to freenode
/connect freenode

Set nick
/nick MrsBTest

Join QA
/join #mageia-qa


Not able to reproduce this and asking the devs on IRC got me nowhere so just checking the updated version seems to connect and join a channel.

Testing complete mga2 64

Whiteboard: (none) => has_procedure mga2-64-OK

Comment 7 Marc Lattemann 2012-11-13 20:47:15 CET 
basic functionality tested on mga2 i586 (connect and join channel...).

validate update

Suggested Advisory
==================
A buffer overflow is causing a crash or freeze of WeeChat (0.36 to 0.39) when
decoding IRC colors in strings. The packages have been patched to fix this
problem.

SRPM: weechat-0.3.6-3.1.mga2.src.rpm

Can sysadmin push packages to Updates? Thanks.

CC: (none) => marc.lattemann, sysadmin-bugs
Whiteboard: has_procedure mga2-64-OK => has_procedure mga2-64-OK, MGA2-32-OK

Marc Lattemann 2012-11-13 20:48:08 CET

Keywords: (none) => validated_update

Comment 8 David Walser 2012-11-14 00:05:52 CET 
Don't forget to include the CVE reference in the advisory.

It is CVE-2012-5854.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5854
https://savannah.nongnu.org/bugs/?37704
Comment 9 Thomas Backlund 2012-11-17 17:25:38 CET 
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0330

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED