Bug 8235

Summary:	weechat new security issue CVE-2012-5534
Product:	Mageia	Reporter:	David Walser <luigiwalser>
Component:	Security	Assignee:	QA Team <qa-bugs>
Status:	RESOLVED FIXED	QA Contact:
Severity:	critical
Priority:	Normal	CC:	fundawang, sysadmin-bugs, tmb
Version:	2	Keywords:	validated_update
Target Milestone:	---
Hardware:	i586
OS:	Linux
URL:	http://lwn.net/Vulnerabilities/527363/
Whiteboard:	MGA1TOO has_procedure mga1-32-OK mga1-64-OK mga2-32-OK mga2-64-OK
Source RPM:	weechat-0.3.6-3.1.mga2.src.rpm	CVE:
Status comment:

Description David Walser 2012-11-28 19:29:31 CET

OpenSuSE has issued an advisory today (November 28):
http://lists.opensuse.org/opensuse-updates/2012-11/msg00087.html

It fixes a new issue, CVE-2012-5534, which they have a patch for.

Upstream shows this as fixed in 0.3.9.2 (so Cauldron is affected).
http://www.weechat.org/security/

David Walser 2012-11-28 19:29:39 CET

Whiteboard: (none) => MGA2TOO

Comment 1 David Walser 2012-11-30 00:44:43 CET

Fedora has issued an advisory for this on November 20:
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093495.html

The RedHat bug also has a link to the upstream change that fixes this:
https://bugzilla.redhat.com/show_bug.cgi?id=878025

Comment 2 David Walser 2012-11-30 00:45:47 CET

Here's a patch link in Fedora git:
http://pkgs.fedoraproject.org/cgit/weechat.git/plain/weechat-fix-1.patch?id=6b064ab9c72f4501e0d84c26d4c4e5a9b8423e46

Comment 3 David Walser 2012-11-30 14:20:20 CET

Updated package uploaded for Cauldron by Funda.

Patched package uploaded for Mageia 1 and Mageia 2 by Funda.  Thanks Funda!

Advisory:
========================

Updated weechat packages fix security vulnerability:

Untrusted command for function hook_process in WeeChat before 0.3.9.2 could
lead to execution of commands, because of shell expansions (so the problem is
only caused by some scripts, not by WeeChat itself) (CVE-2012-5534).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5534
https://savannah.nongnu.org/bugs/?37764
http://www.weechat.org/security/
http://lists.opensuse.org/opensuse-updates/2012-11/msg00087.html
========================

Updated packages in core/updates_testing:
========================
weechat-0.3.0-1.1.mga1
weechat-perl-0.3.0-1.1.mga1
weechat-python-0.3.0-1.1.mga1
weechat-tcl-0.3.0-1.1.mga1
weechat-ruby-0.3.0-1.1.mga1
weechat-lua-0.3.0-1.1.mga1
weechat-charset-0.3.0-1.1.mga1
weechat-aspell-0.3.0-1.1.mga1
weechat-devel-0.3.0-1.1.mga1
weechat-0.3.6-3.2.mga2
weechat-perl-0.3.6-3.2.mga2
weechat-python-0.3.6-3.2.mga2
weechat-tcl-0.3.6-3.2.mga2
weechat-ruby-0.3.6-3.2.mga2
weechat-lua-0.3.6-3.2.mga2
weechat-charset-0.3.6-3.2.mga2
weechat-aspell-0.3.6-3.2.mga2
weechat-devel-0.3.6-3.2.mga2

from SRPMS:
weechat-0.3.0-1.1.mga1.src.rpm
weechat-0.3.6-3.2.mga2.src.rpm

CC: (none) => fundawang
Version: Cauldron => 2
Assignee: fundawang => qa-bugs
Whiteboard: MGA2TOO => MGA1TOO

Comment 4 claire robinson 2012-11-30 14:48:35 CET

No PoC so just testing the basics

Procedure: https://bugs.mageia.org/show_bug.cgi?id=8044#c6

Whiteboard: MGA1TOO => MGA1TOO has_procedure

Comment 5 claire robinson 2012-11-30 16:12:34 CET

Testing complete Mga1 32 & 64 and Mga2 64

Whiteboard: MGA1TOO has_procedure => MGA1TOO has_procedure mga1-32-OK mga1-64-OK mga2-64-OK

Comment 6 claire robinson 2012-11-30 16:39:23 CET

Testing complete mga2 32

Validating

Advisory & srpms for Mageia 1 & 2 in comment 3

Could sysadmin please push from core/updates_testing to core/updates

Thanks!

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: MGA1TOO has_procedure mga1-32-OK mga1-64-OK mga2-64-OK => MGA1TOO has_procedure mga1-32-OK mga1-64-OK mga2-32-OK mga2-64-OK

Comment 7 Thomas Backlund 2012-11-30 23:20:06 CET

Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0347

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED