A CVE was requested (though it could have been more explicit) for a heap overflow issue fixed in libtasn1: http://openwall.com/lists/oss-security/2015/04/30/3 Mageia 4 and Mageia 5 are affected. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA5TOO, MGA4TOO
CVE-2015-3622 has been assigned: http://openwall.com/lists/oss-security/2015/04/30/6 Patches added in Mageia 4 and Cauldron SVN. Freeze push requested.
Summary: libtasn1 new security issue fixed upstream in 4.5 => libtasn1 new security issue fixed upstream in 4.5 (CVE-2015-3622)
Patched packages uploaded for Mageia 4 and Cauldron. Note that there's a PoC linked from the post linked in Comment 0. General Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=5128#c10 Advisory: ======================== Updated libtasn1 packages fix security vulnerability: A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function _asn1_extract_der_octet() (CVE-2015-3622). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3622 https://blog.fuzzing-project.org/9-Heap-overflow-invalid-read-in-Libtasn1-TFPA-0052015.html http://openwall.com/lists/oss-security/2015/04/30/6 ======================== Updated packages in core/updates_testing: ======================== libtasn1_6-3.6-1.2.mga4 libtasn1-tools-3.6-1.2.mga4 libtasn1-devel-3.6-1.2.mga4 from libtasn1-3.6-1.2.mga4.src.rpm
Version: Cauldron => 4Assignee: bugsquad => qa-bugsWhiteboard: MGA5TOO, MGA4TOO => has_procedure
General testing procedure runs fine for me on Mageia 4 i586. I didn't test the PoC (needs to be tested with Address Sanitizer or valgrind).
Marking as OK for me. Someone else could try the PoC.
Whiteboard: has_procedure => has_procedure MGA4-32-OK
Testing complete mga4 64
Whiteboard: has_procedure MGA4-32-OK => has_procedure MGA4-32-OK mga4-64-ok
Validating. Advisory uploaded. Please push to 4 updates Thanks!
Keywords: (none) => validated_updateWhiteboard: has_procedure MGA4-32-OK mga4-64-ok => has_procedure advisory MGA4-32-OK mga4-64-okCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0200.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/643577/