15435 – icu new security issues CVE-2014-6585 and CVE-2014-6591

Bug 15435 - icu new security issues CVE-2014-6585 and CVE-2014-6591

Summary: icu new security issues CVE-2014-6585 and CVE-2014-6591

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	4
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:
Whiteboard:	MGA4-32-OK MGA4-64-OK advisory
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2015-03-05 20:48 CET by David Walser
Modified:	2015-03-10 17:49 CET (History)
CC List:	3 users (show)

See Also:
Source RPM:	icu-53.1-10.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-03-05 20:48:44 CET

Ubuntu has issued an advisory today (March 5):
http://www.ubuntu.com/usn/usn-2522-1/

We're not affected by the 2013 CVEs, and we fixed the other 2014 ones in Bug 15145.

Patch for CVE-2014-6585 and CVE-2014-6591 checked into Mageia 4 and Cauldron SVN.

Reproducible: 

Steps to Reproduce:

David Walser 2015-03-05 20:50:33 CET

Whiteboard: (none) => MGA5TOO, MGA4TOO

Comment 1 David Walser 2015-03-05 21:42:47 CET

Patched packages uploaded for Mageia 4 and Cauldron.

Advisory:
========================

Updated icu packages fix security vulnerabilities:

It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program (CVE-2014-6585,
CVE-2014-6591).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
http://www.ubuntu.com/usn/usn-2522-1/
========================

Updated packages in core/updates_testing:
========================
icu-52.1-2.2.mga4
icu-data-52.1-2.2.mga4
icu-doc-52.1-2.2.mga4
libicu52-52.1-2.2.mga4
libicu-devel-52.1-2.2.mga4

from icu-52.1-2.2.mga4.src.rpm

Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => (none)

Comment 2 David Walser 2015-03-06 19:57:32 CET

Just like last time I tested inserting special unicode characters into a LibreOffice Writer document.  No issues noted.  Tested Mageia 4 i586.

Comment 3 David Walser 2015-03-07 20:42:11 CET

No PoC's that I can find.  Marking OK for Mageia 4 i586.

Whiteboard: (none) => MGA4-32-OK

Comment 4 olivier charles 2015-03-09 22:13:41 CET

Testing on Mageia4x64 real hardware

Using procedure found in previous testing : 
https://bugs.mageia.org/show_bug.cgi?id=15145#c8

From current packages :
---------------------
icu-52.1-2.1.mga4
icu-data-52.1-2.1.mga4
icu-doc-52.1-2.1.mga4
lib64icu52-52.1-2.1.mga4

$ oowriter --strace

Inserted special unicode characters

in strace.log, could find :
8832  21:56:10.841741 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 3
(...)
8837  21:56:11.026130 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 4

To updated testing packages :
---------------------------
icu-52.1-2.2.mga4
icu-data-52.1-2.2.mga4
icu-doc-52.1-2.2.mga4
lib64icu52-52.1-2.2.mga4

26291 22:05:30.833504 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 3
(...)
26295 22:05:31.021346 open("/lib64/libicuuc.so.52", O_RDONLY|O_CLOEXEC) = 4


No regression found.

CC: (none) => olchal
Whiteboard: MGA4-32-OK => MGA4-32-OK MGA4-64-OK

Comment 5 Rémi Verschelde 2015-03-10 10:12:23 CET

Advisory uploaded, validating. Please push to 4 core/updates.

Keywords: (none) => validated_update
Whiteboard: MGA4-32-OK MGA4-64-OK => MGA4-32-OK MGA4-64-OK advisory
CC: (none) => remi, sysadmin-bugs

Comment 6 Mageia Robot 2015-03-10 17:49:04 CET

An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0102.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.