Bug 11010 - libimobiledevice new security issue CVE-2013-2142
Summary: libimobiledevice new security issue CVE-2013-2142
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 3
Hardware: i586 Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/563532/
Whiteboard: mga3-64-ok mga3-32-ok
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2013-08-15 17:38 CEST by David Walser
Modified: 2013-08-17 10:47 CEST

See Also:
Source RPM: libimobiledevice-1.1.4-4.mga3.src.rpm
CVE:
Status comment:



Description David Walser 2013-08-15 17:38:02 CEST
Ubuntu has issued an advisory on August 14:
http://www.ubuntu.com/usn/usn-1927-1/

Patches checked into SVN for Mageia 3 and Cauldron.

Mageia 2 is not affected.

In Cauldron, it currently will not build:
http://pkgsubmit.mageia.org/uploads/failure/cauldron/core/release/20130815153246.luigiwalser.valstar.22801/log/libimobiledevice-1.1.5-2.mga4/build.0.20130815153302.log

David Walser 2013-08-15 17:38:18 CEST

CC: (none) => fundawang
Version: 3 => Cauldron
Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2013-08-15 18:12:01 CEST
Fixed in Cauldron in libimobiledevice-1.1.5-2.mga4 by Funda.  Thanks Funda!

Patched package uploaded for Mageia 3.

Advisory:
========================

Updated libimobiledevice packages fix security vulnerability:

Paul Collins discovered that libimobiledevice incorrectly handled temporary
files. A local attacker could possibly use this issue to overwrite
arbitrary files and access device keys. In the default Ubuntu installation,
this issue should be mitigated by the Yama link restrictions (CVE-2013-2142).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2142
http://www.ubuntu.com/usn/usn-1927-1/
========================

Updated packages in core/updates_testing:
========================
libimobiledevice-1.1.4-4.1.mga3
libimobiledevice3-1.1.4-4.1.mga3
libimobiledevice-devel-1.1.4-4.1.mga3
python-imobiledevice-1.1.4-4.1.mga3

from libimobiledevice-1.1.4-4.1.mga3.src.rpm

Version: Cauldron => 3
Assignee: bugsquad => qa-bugs
Whiteboard: MGA3TOO => (none)

Comment 2 claire robinson 2013-08-15 18:18:18 CEST
You need an iPhone or iPod touch to test this properly, I think.

Anybody have one?
Comment 3 David GEIGER 2013-08-17 08:58:02 CEST
Testing complete mga3_64 with my iPhone 4. OK for me, nothing to report.
Simple test by connecting my iBidule.

CC: (none) => geiger.david68210
Whiteboard: (none) => mga3-64-ok mga3-32-ok

Comment 4 David GEIGER 2013-08-17 08:58:14 CEST
Testing complete mga3_32 with my iPhone 4. OK for me, nothing to report either.
Simple test by connecting my iBidule.
Comment 5 claire robinson 2013-08-17 09:54:38 CEST
Thanks David. Advisory from comment 1 uploaded.

Validating

Could sysadmin please push from 3 core updates testing to updates?

Thanks!

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Thomas Backlund 2013-08-17 10:47:48 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2013-0251.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

