A security issue fixed in the October 2015 Oracle CPU for Java affected ICU. Note that the initial fix caused a regression which was fixed as CVE-2016-0494 in the January 2016 Oracle CPU. Upstream ICU has not fixed this issue yet, nor has any other distro. RedHat bug: https://bugzilla.redhat.com/show_bug.cgi?id=1298906 Upstream bug: http://bugs.icu-project.org/trac/ticket/12020 Mageia 5 is also affected. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA5TOO
Assigning to maintainer.
Assignee: bugsquad => shlomif
Can I find the patch anywhere?
See the discussion on the upstream bug. It looks like this is in the process of being addressed there.
Patches are now attached to the upstream bug. The CVE-2015-4844 patch made it in for 57.1, which is committed in Cauldron SVN but not pushed yet, as it bumps the major to 57, so everything linked to it will have to be rebuilt. I have checked the CVE-2015-4844 patch into Mageia 5 SVN and the CVE-2016-0494 patch into Mageia 5 and Cauldron SVN. Shlomi, would you mind taking care of the push and rebuilds in Cauldron?
(In reply to David Walser from comment #4) > Patches are now attached to the upstream bug. > > The CVE-2015-4844 patch made it in for 57.1, which is committed in Cauldron > SVN but not pushed yet, as it bumps the major to 57, so everything linked to > it will have to be rebuilt. > > I have checked the CVE-2015-4844 patch into Mageia 5 SVN and the > CVE-2016-0494 patch into Mageia 5 and Cauldron SVN. > > Shlomi, would you mind taking care of the push and rebuilds in Cauldron? Yes, I'll do that.
Thanks Shlomi for taking care of Cauldron (and everyone else who helped with that). Other than the mpd package, the rebuilds are done. Patched package uploaded for Mageia 5. Advisory: ======================== Updated icu packages fix security vulnerability: It was discovered that ICU Layout Engine was missing multiple boundary and error return checks. These could lead to buffer overflows and memory corruption. A specially crafted font file could cause an application using ICU to parse untrusted fonts to crash and, possibly, execute arbitrary code (CVE-2015-4844). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844 https://bugzilla.redhat.com/show_bug.cgi?id=1273318 https://bugzilla.redhat.com/show_bug.cgi?id=1298906 ======================== Updated packages in core/updates_testing: ======================== icu-53.1-12.3.mga5 icu53-data-53.1-12.3.mga5 icu-doc-53.1-12.3.mga5 libicu53-53.1-12.3.mga5 libicu-devel-53.1-12.3.mga5 from icu-53.1-12.3.mga5.src.rpm
Whiteboard: MGA5TOO => (none)CC: (none) => shlomifVersion: Cauldron => 5Assignee: shlomif => qa-bugs
Inserting special characters works fine in LibreOffice Writer, and Firefox works fine, Mageia 5 i586.
Whiteboard: (none) => has_procedure MGA5-32-OK
Testing M5 x64 Did a cursory pre-update test of inserting obscure characters in LibreOffice Writer. All seemed well. Updated to: icu53-data-53.1-12.3.mga5 lib64icu53-53.1-12.3.mga5 lib64icu-devel-53.1-12.3.mga5 Did a lot of obscure special character insertion with LO Writer, different fonts & different subsets thereof. Everything appeared correctly. Played with Firefox on French sites (to get some accented letters). No visible problems. [Is there a way of inserting special characters with Firefox?] Update deemed OK. Validating.
CC: (none) => lewyssmith, sysadmin-bugsKeywords: (none) => validated_updateWhiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK MGA5-64-OK
CC: (none) => davidwhodginsWhiteboard: has_procedure MGA5-32-OK MGA5-64-OK => has_procedure MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0186.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED