Bug 16477 - expat new security issue CVE-2015-1283
Summary: expat new security issue CVE-2015-1283
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: i586 Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/652361/
Whiteboard: MGA4TOO MGA4-32-OK advisory MGA5-64-OK
Keywords: validated_update
Depends on:
Blocks: 16444
Reported: 2015-07-26 16:29 CEST by David Walser
Modified: 2015-07-27 19:18 CEST (History)

See Also:
Source RPM: expat-2.1.0-9.mga5.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2015-07-26 16:29:43 CEST
Google has issued an advisory on July 21:
http://googlechromereleases.blogspot.cz/2015/07/stable-channel-update_21.html

The expat issue also affects the system version.

Patched packages uploaded for Mageia 4, Mageia 5, and Cauldron.

Advisory:
========================

Updated expat package fixes security vulnerabilities:

Multiple integer overflows in the XML_GetBuffer function in Expat through
2.1.0 allow remote attackers to cause a denial of service (heap-based buffer
overflow) or possibly have unspecified other impact via crafted XML data
(CVE-2015-1283).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
http://googlechromereleases.blogspot.cz/2015/07/stable-channel-update_21.html
========================

Updated packages in core/updates_testing:
========================
expat-2.1.0-7.1.mga4
libexpat1-2.1.0-7.1.mga4
libexpat-devel-2.1.0-7.1.mga4
expat-2.1.0-9.1.mga5
libexpat1-2.1.0-9.1.mga5
libexpat-devel-2.1.0-9.1.mga5

from SRPMS:
expat-2.1.0-7.1.mga4.src.rpm
expat-2.1.0-9.1.mga5.src.rpm

Reproducible: 

Steps to Reproduce:
David Walser 2015-07-26 16:30:30 CEST

Blocks: (none) => 16444

David Walser 2015-07-26 16:31:25 CEST

Whiteboard: (none) => MGA4TOO
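The advisory above names the bug class (integer overflows in a buffer-sizing routine that lead to an undersized heap allocation and then a heap overflow when the data is written). The following C snippet is a constructed illustration of that class and of the checks that close it; it is added here and is not Expat's code. The struct and function names (`input_buffer`, `checked_needed_size`, `checked_next_capacity`, `get_buffer`) are hypothetical; the shape mirrors an XML_GetBuffer-style contract where unconsumed bytes between `ptr` and `end` must be kept while the caller asks for `len` more bytes.

```c
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Constructed example (not Expat's code): a growable parser input buffer.
   Unconsumed data lives between ptr and end and must survive a grow. */
typedef struct {
    char *buf;   /* allocation start */
    char *ptr;   /* start of unconsumed data */
    char *end;   /* end of valid data */
    char *lim;   /* end of allocation */
} input_buffer;

/* Compute keep + len without letting the int arithmetic wrap.
   Returns 0 and leaves *needed untouched if the sum would exceed INT_MAX
   or either operand is negative; otherwise stores the sum and returns 1. */
int checked_needed_size(int len, int keep, int *needed) {
    if (len < 0 || keep < 0)
        return 0;
    if (len > INT_MAX - keep)      /* len + keep would overflow */
        return 0;
    *needed = len + keep;
    return 1;
}

/* Grow by doubling until the capacity covers `needed`, refusing to wrap.
   Starts from 1024 when there is no current allocation.
   Returns 0 if no int capacity can hold `needed`. */
int checked_next_capacity(int current, int needed, int *out) {
    if (current < 0 || needed < 0)
        return 0;
    int cap = current > 0 ? current : 1024;
    while (cap < needed) {
        if (cap > INT_MAX / 2)     /* cap * 2 would overflow */
            return 0;
        cap *= 2;
    }
    *out = cap;
    return 1;
}

/* Return a writable region of at least `len` bytes after the kept data,
   or NULL if the request cannot be satisfied safely. The two checks above
   are what keep a crafted, oversized request from producing a small
   allocation that is then overrun by the parser's write. */
char *get_buffer(input_buffer *b, int len) {
    int keep = (int)(b->end - b->ptr);
    int needed, cap;
    if (!checked_needed_size(len, keep, &needed))
        return NULL;               /* reject instead of wrapping */
    if (b->lim - b->end >= len)    /* room already available */
        return b->end;
    if (!checked_next_capacity((int)(b->lim - b->buf), needed, &cap))
        return NULL;
    char *nb = malloc((size_t)cap);
    if (!nb)
        return NULL;
    if (keep > 0)
        memcpy(nb, b->ptr, (size_t)keep);
    free(b->buf);
    b->buf = nb;
    b->ptr = nb;
    b->end = nb + keep;
    b->lim = nb + cap;
    return b->end;
}
```

The design point is that both additions (`len + keep` and the doubling of the capacity) are guarded before they happen, so a hostile `len` makes `get_buffer` fail cleanly rather than hand back a buffer smaller than the caller was promised.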

Comment 1 Shlomi Fish 2015-07-26 17:33:19 CEST
adding mga4-32-ok.

CC: (none) => shlomif
Whiteboard: MGA4TOO => MGA4TOO MGA4-32-OK

Comment 2 Samuel Verschelde 2015-07-27 10:56:56 CEST
(In reply to Shlomi Fish from comment #1)
> adding mga4-32-ok.

Can you tell how you tested?
Comment 3 Samuel Verschelde 2015-07-27 10:58:01 CEST
Embryo of procedure there: https://bugs.mageia.org/show_bug.cgi?id=5141#c7
Comment 4 Shlomi Fish 2015-07-27 11:40:22 CEST
(In reply to Samuel VERSCHELDE from comment #2)
> (In reply to Shlomi Fish from comment #1)
> > adding mga4-32-ok.
> 
> Can you tell how you tested?

Yes, I tested the new chromium-browser with it and it seemed to work fine. That's why Luigi told me to mark it here.
Dave Hodgins 2015-07-27 15:55:30 CEST

CC: (none) => davidwhodgins
Whiteboard: MGA4TOO MGA4-32-OK => MGA4TOO MGA4-32-OK advisory

Comment 5 Dave Hodgins 2015-07-27 16:06:45 CEST
Testing complete. Validating the update.

Keywords: (none) => validated_update
Whiteboard: MGA4TOO MGA4-32-OK advisory => MGA4TOO MGA4-32-OK advisory MGA5-64-OK
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2015-07-27 19:18:59 CEST
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0285.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

