15588 – libtasn1 new security issue fixed upstream in 4.4 (CVE-2015-2806)

Bug 15588 - libtasn1 new security issue fixed upstream in 4.4 (CVE-2015-2806)

Summary: libtasn1 new security issue fixed upstream in 4.4 (CVE-2015-2806)

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	4
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/639035/
Whiteboard:	has_procedure advisory MGA4-32-OK
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2015-03-30 14:09 CEST by David Walser
Modified:	2015-04-03 18:07 CEST (History)
CC List:	2 users (show)

See Also:
Source RPM:	libtasn1-4.2-2.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-03-30 14:09:05 CEST

A CVE has been requested for a security issue fixed in libtasn1 4.4:
http://openwall.com/lists/oss-security/2015/03/29/4

The upstream commit to fix the issue is linked in the message above.

Mageia 4 and Mageia 5 are affected.

I've patched the versions in Mageia 4 and Cauldron SVN locally with the upstream commit and both build fine and pass their test suite.  Waiting for the CVE before committing.

Reproducible: 

Steps to Reproduce:

David Walser 2015-03-30 14:09:11 CEST

Whiteboard: (none) => MGA5TOO, MGA4TOO

David Walser 2015-03-30 14:09:28 CEST

Blocks: (none) => 14674

Comment 1 Oden Eriksson 2015-03-31 09:13:54 CEST

CVE-2015-2806: http://openwall.com/lists/oss-security/2015/03/31/2

CC: (none) => oe

Oden Eriksson 2015-03-31 09:14:16 CEST

Summary: libtasn1 new security issue fixed upstream in 4.4 => CVE-2015-2806: libtasn1 new security issue fixed upstream in 4.4

Comment 2 David Walser 2015-03-31 12:39:22 CEST

Patch checked into Mageia 4 and Cauldron SVN.  Freeze push requested for Cauldron.

Summary: CVE-2015-2806: libtasn1 new security issue fixed upstream in 4.4 => libtasn1 new security issue fixed upstream in 4.4 (CVE-2015-2806)

Comment 3 David Walser 2015-03-31 16:43:07 CEST

Patched packages uploaded for Mageia 4 and Cauldron.

Testing procedure:
https://bugs.mageia.org/show_bug.cgi?id=5128#c10

Advisory:
========================

Updated libtasn1 packages fix security vulnerability:

The libtasn1 library before version 4.4 is vulnerable to a two-byte stack
overflow in asn1_der_decoding (CVE-2015-2806).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2806
http://openwall.com/lists/oss-security/2015/03/31/2
========================

Updated packages in core/updates_testing:
========================
libtasn1_6-3.6-1.1.mga4
libtasn1-tools-3.6-1.1.mga4
libtasn1-devel-3.6-1.1.mga4

from libtasn1-3.6-1.1.mga4.src.rpm

Version: Cauldron => 4
Blocks: 14674 => (none)
Assignee: bugsquad => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => has_procedure

Comment 4 David Walser 2015-03-31 18:56:44 CEST

I repeated Claire's test from here:
https://bugs.mageia.org/show_bug.cgi?id=13456#c1

Same results on Mageia 4 i586 with the update.

Whiteboard: has_procedure => has_procedure MGA4-32-OK

Comment 5 claire robinson 2015-04-03 14:07:17 CEST

Validating. Advisory uploaded.

Please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: has_procedure MGA4-32-OK => has_procedure advisory MGA4-32-OK
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2015-04-03 15:12:07 CEST

An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0128.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2015-04-03 18:07:10 CEST

URL: (none) => http://lwn.net/Vulnerabilities/639035/

Note You need to log in before you can comment on or make changes to this bug.