Fedora has issued an advisory on September 18: https://lists.fedoraproject.org/pipermail/package-announce/2013-September/117049.html Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA3TOO, MGA2TOO
Fixed packages has been submitted for all. NOTE: CVE-2013-4258 was already fixed with the nas-1.9.2-fix-str-fmt.patch patch in mga2 -> cauldron.
CC: (none) => oe
Thanks Oden! Advisory: ======================== Updated nas packages fix security vulnerabilities: Buffer overflow when parsing display number and various other buffer overflows (CVE-2013-4256). Heap overflow when using AUDIOHOST environment variable (CVE-2013-4257). Race when opening a TCP device (nas#289). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4256 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4257 http://sourceforge.net/p/nas/code/289/ https://lists.fedoraproject.org/pipermail/package-announce/2013-September/117049.html ======================== Updated packages in core/updates_testing: ======================== nas-1.9.2-6.1.mga2 libnas2-1.9.2-6.1.mga2 libnas-devel-1.9.2-6.1.mga2 libnas-static-devel-1.9.2-6.1.mga2 nas-1.9.3-2.1.mga3 libnas2-1.9.3-2.1.mga3 libnas-devel-1.9.3-2.1.mga3 libnas-static-devel-1.9.3-2.1.mga3 from SRPMS: nas-1.9.2-6.1.mga2.src.rpm nas-1.9.3-2.1.mga3.src.rpm
Version: Cauldron => 3Assignee: bugsquad => qa-bugsWhiteboard: MGA3TOO, MGA2TOO => MGA2TOO
Some basic info for testing: http://radscan.com/nas/nas-README.txt
Additionally, someone should sync the systemd scripts with fedora to get rid of the sysv scripts.
Testing mga3 64 Before ------ I don't think this is working. # service nasd start Starting nasd (via systemctl): [ OK ] # auinfo auinfo: unable to connect to audio server # auinfo -audio localhost auinfo: unable to connect to audio server # nasd -aa Network Audio System Release 1.9.3 Network Audio System Release 1.9.3 Init: Output open(/dev/dsp) failed: No such file or directory Fatal server error: could not create audio connection block info
Oops, I skipped a step and maybe shouldn't run it as root anyway :\ # service nasd start Starting nasd (via systemctl): [ OK ] $ export AUDIOSERVER="`hostname`:0" It still fails though. Checked the hostname was correct.. $ echo $AUDIOSERVER $ auinfo auinfo: unable to connect to audio server $ auinfo -audio "`hostname`:0" auinfo: unable to connect to audio server # service nasd stop Stopping nasd (via systemctl): [ OK ] $ nasd -aa Network Audio System Release 1.9.3 Network Audio System Release 1.9.3 Error binding unix socket: /var/run/nasd/audio0 : Address already in use Fatal server error: Cannot establish unix listening socket
A bit further.. $ export AUDIOSERVER="`hostname`:1" $ nasd -d 3 Network Audio System Release 1.9.3 Network Audio System Release 1.9.3 AuInitPhysicalDevices(); Init: will close device when finished with stream. Init: will keep mixer device open. Init: Leaving the mixer device options alone at startup. Init: openDevice OUT /dev/dsp mode 1 Init: Output open(/dev/dsp) failed: No such file or directory Fatal server error: could not create audio connection block info
After installing ossp and rebooting there is now a /dev/dsp Possibly missing a require or better default configuration. I'll create a new bug for it as this is appears possibly remotely exploitable, although no PoC's When started with -pn option it now starts. $ auinfo -audio "`hostname`:0" Shows stuff. After ----- Started the same way with -pn. $ auinfo -audio "`hostname`:0" Shows stuff. $ audemo -audio "`hostname`:0" Scans $HOME for files and eventually opens an X window with some sounds to play. When selected they do play Ok. Testing complete mga3 64
Whiteboard: MGA2TOO => MGA2TOO mga3-64-ok
Bug 11399 created for missing /dev/dsp
Testing complete mga3 32
Whiteboard: MGA2TOO mga3-64-ok => MGA2TOO mga3-64-ok mga3-32-ok
Can't get guest sound to work in Virtualbox to test mga2 :\
For sound in Mageia 2 under virtualbox, see https://bugs.mageia.org/show_bug.cgi?id=5509#c12
CC: (none) => davidwhodgins
Ahh great, thanks Dave, that did the trick.
Testing complete mga2 32
Whiteboard: MGA2TOO mga3-64-ok mga3-32-ok => MGA2TOO mga3-64-ok mga3-32-ok mga2-32-ok
Having issues with this mga2 64, I can't seem to get beyond this.. $ nasd -d 3 -pn Network Audio System Release 1.9.2 Network Audio System Release 1.9.2 Binding TCP socket: Address already in use Cannot establish tcp listening socket Error binding unix socket: /var/run/nasd/audio0 : No such file or directory Cannot establish unix listening socket Fatal server error: Cannot establish any listening sockets ossp installed and system rebooted so /dev/dsp exists. Mga2 32 was ok, both these mga2 are in vbox. Sometimes nasd causes the terminal to close, no errors reported in syslog. I've run out of time today.
Testing mga2 64 again in vbox Seems /dev/dsp was missing again, created when starting osspd service. nasd -d 3 -pn still closes the terminal but opening it again and checking with ps aux | grep nasd shows it is still running. Tested with audemo/auplay and found it played a wav file ok. I suspect issues with OSS.
Whiteboard: MGA2TOO mga3-64-ok mga3-32-ok mga2-32-ok => MGA2TOO mga3-64-ok mga3-32-ok mga2-32-ok mga2-64-ok
Validating. Advisory 11305.adv uploaded. Could sysadmin please push from 2&3 core/updates_testing to updates Thanks!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0298.html
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED