Bug 13985 - file new security issue CVE-2014-3587
Summary: file new security issue CVE-2014-3587
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: i586 Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/609180/
Whiteboard: MGA3TOO has_procedure advisory mga3-3...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-08-25 20:25 CEST by David Walser
Modified: 2014-08-27 01:05 CEST (History)
1 user (show)

See Also:
Source RPM: file-5.16-1.5.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2014-08-25 20:25:20 CEST
Fedora has issued an advisory on August 23:
https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136989.html

Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Note that this issue also affects PHP (see Bug 13964).

Advisory:
========================

Updated file packages fix security vulnerability:

A flaw was found in the way file uses cdf_read_property_info function when
checks stream offsets for certain Composite Document Format (CDF). An
insufficient input validation flaw for p and q minimal and maximal value,
leads to a pointer overflow. This issue only affects 32bit systems
(CVE-2014-3587).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136989.html
========================

Updated packages in core/updates_testing:
========================
file-5.12-8.7.mga3
libmagic1-5.12-8.7.mga3
libmagic-devel-5.12-8.7.mga3
libmagic-static-devel-5.12-8.7.mga3
python-magic-5.12-8.7.mga3
file-5.16-1.6.mga4
libmagic1-5.16-1.6.mga4
libmagic-devel-5.16-1.6.mga4
libmagic-static-devel-5.16-1.6.mga4
python-magic-5.16-1.6.mga4

from SRPMS:
file-5.12-8.7.mga3.src.rpm
file-5.16-1.6.mga4.src.rpm

Reproducible: 

Steps to Reproduce:
David Walser 2014-08-25 21:47:11 CEST

Whiteboard: (none) => MGA3TOO

Comment 1 claire robinson 2014-08-26 16:57:15 CEST
Testing complete mga4 64

Procedure: https://bugs.mageia.org/show_bug.cgi?id=13460#c4

A before, this relates to cdf files which are difficult to source and there is no public PoC.

Whiteboard: MGA3TOO => MGA3TOO has_procedure mga4-64-ok

Comment 2 claire robinson 2014-08-26 16:59:03 CEST
Testing complete mga3 32

Whiteboard: MGA3TOO has_procedure mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga4-64-ok

Comment 3 claire robinson 2014-08-26 17:11:38 CEST
Testing complete mga4 32

Whiteboard: MGA3TOO has_procedure mga3-32-ok mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga4-32-ok mga4-64-ok

Comment 4 claire robinson 2014-08-26 17:15:26 CEST
Testing complete mga3 64

Whiteboard: MGA3TOO has_procedure mga3-32-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok

Comment 5 claire robinson 2014-08-26 17:19:07 CEST
Validating. Advisory uploaded.

Could sysadmin please push to 3 & 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2014-08-27 01:05:30 CEST
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2014-0354.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.