Upstream has issued an advisory on January 19: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 Debian has issued an advisory for this on January 24: https://www.debian.org/security/2015/dsa-3136 The upstream advisory contains a patch for the issue. There is no new upstream release with the fix yet. Mageia 4 is also affected. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA4TOO
Patched packages uploaded for Mageia 4 and Cauldron. Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=11459#c7 Advisory: ======================== Updated polarssl packages fix security vulnerability: A vulnerability was discovered in PolarSSL in its certificate parser. A remote attacker could exploit this flaw using specially crafted certificates to mount a denial of service against an application linked against the library (application crash), or potentially, to execute arbitrary code (CVE-2015-1182). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1182 https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 https://www.debian.org/security/2015/dsa-3136 ======================== Updated packages in core/updates_testing: ======================== polarssl-1.3.9-1.1.mga4 libpolarssl7-1.3.9-1.1.mga4 libpolarssl-devel-1.3.9-1.1.mga4 from polarssl-1.3.9-1.1.mga4.src.rpm
Version: Cauldron => 4CC: (none) => oeAssignee: oe => qa-bugsWhiteboard: MGA4TOO => has_procedure
Testing on Mageia4x64 real hardware following procedure mentioned in comment 1 and pdns configuration found here : https://bugs.mageia.org/show_bug.cgi?id=13764#c9 Could not find any PoC From current packages : --------------------- - lib64polarssl7-1.3.9-1.mga4.x86_64 - polarssl-1.3.9-1.mga4.x86_64 $ polarssl-selftest (...) [ All tests passed ] # nano /etc/powerdns/pdns.conf allow-recursion=127.0.0.1 local-address=0.0.0.0 local-port=2000 recursor=8.8.8.8 # service pdns start # dig www.example.com A @127.0.0.1 -p 2000 ; <<>> DiG 9.9.6-P1 <<>> www.example.com A @127.0.0.1 -p 2000 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1145 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;www.example.com. IN A ;; ANSWER SECTION: www.example.com. 4143 IN A 93.184.216.34 ;; Query time: 42 msec ;; SERVER: 127.0.0.1#2000(127.0.0.1) ;; WHEN: mer. févr. 04 20:56:53 CET 2015 ;; MSG SIZE rcvd: 60 # service pdns stop To updated testing packages : --------------------------- - lib64polarssl7-1.3.9-1.1.mga4.x86_64 - polarssl-1.3.9-1.1.mga4.x86_64 $ polarssl-selftest (...) [ All tests passed ] # service pdns start # dig www.example.com A @127.0.0.1 -p 2000 ; <<>> DiG 9.9.6-P1 <<>> www.example.com A @127.0.0.1 -p 2000 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41265 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;www.example.com. IN A ;; ANSWER SECTION: www.example.com. 6083 IN A 93.184.216.34 ;; Query time: 43 msec ;; SERVER: 127.0.0.1#2000(127.0.0.1) ;; WHEN: mer. févr. 04 21:01:36 CET 2015 ;; MSG SIZE rcvd: 60 All OK
Whiteboard: has_procedure => has_procedure MGA4-64-OKCC: (none) => olchal
Testing complete mga4 32
Whiteboard: has_procedure MGA4-64-OK => has_procedure mga4-32-ok MGA4-64-OK
Validating. Advisory uploaded. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: has_procedure mga4-32-ok MGA4-64-OK => has_procedure advisory mga4-32-ok MGA4-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0055.html
Status: NEW => RESOLVEDResolution: (none) => FIXED