Upstream has issued an advisory today (February 25):
http://openwall.com/lists/oss-security/2016/02/25/7

It should be posted here shortly:
http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt

The issue is fixed upstream in 3.1.3.

Updated package uploaded for Cauldron. Patched package uploaded for Mageia 5.

Advisory:
========================

Updated xerces-c packages fix security vulnerability:

The Xerces-C XML parser mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. The bugs allow for a denial of service attack in many applications by an unauthenticated attacker, and could conceivably result in remote code execution (CVE-2016-0729).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0729
http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
========================

Updated packages in core/updates_testing:
========================
xerces-c-3.1.2-1.1.mga5
libxerces-c3.1-3.1.2-1.1.mga5
libxerces-c-devel-3.1.2-1.1.mga5
xerces-c-doc-3.1.2-1.1.mga5

from xerces-c-3.1.2-1.1.mga5.src.rpm
Testing ideas in Bug 15538.
Whiteboard: (none) => has_procedure
Debian has issued an advisory for this on February 25: https://www.debian.org/security/2016/dsa-3493
URL: (none) => http://lwn.net/Vulnerabilities/677608/
mga5 x86_64 Mate

The links and information provided through the link referenced in comment #1 are invaluable.

Before updating:
1) Played around with Enigma for half an hour - working through four levels in tutorial mode.
2) Installed the -devel package
3) Obtained the parser files from the link. There did not seem to be a download link so I cut and pasted the three files into an editor and saved them. They included line numbers so I wrote a quick ruby script to eliminate those because I was not sure if g++ can deal with them (script attached).
4) Compiled and linked the parser files to produce an executable.
$ g++ -g -Wall -pedantic -lxerces-c parser.c++ -DMAIN_TEST -o parser
5) Ran the unit test on parser.
$ ./parser
Application option A=10
Application option B=24

There are other applications, like sigil, depending on xerces-c. sigil opened an editing screen with file manager but I could take it no further, not having any ebooks.

After update launched sigil and then enigma. Within my limitations they work fine.
Recompiled and linked the parser utility. It produced the expected output on parsing the test file.
CC: (none) => tarazed25
Whiteboard: has_procedure => has_procedure MGA5-64-OK
Created attachment 7498
Utility for stripping line numbers from code files.

Included this only because of my ignorance of how g++ views line-numbered code.
mga5 i586 in virtualbox Mate

Installed sigil, enigma and xerces-c libraries before the update.
Updated to xerces-c-3.1.2-1.1.mga5 and added the libraries.
Compiled the parser test program and ran it on the sample XML file. That worked fine.
Opened sigil but took it no further.
enigma started; chose tutorial mode and started at a low level and immediately ran into problems with the mouse. Could not capture the mouse even with Right Ctrl so had to crash the machine via reset.

Inclined to give xerces-c the OK but shall wait for any responses.
Whiteboard: has_procedure MGA5-64-OK => has_procedure MGA5-64-OK MGA5-32-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
advisory uploaded
Whiteboard: has_procedure MGA5-64-OK MGA5-32-OK => has_procedure advisory MGA5-64-OK MGA5-32-OK
An update for this issue has been pushed to the Mageia Updates repository.
http://advisories.mageia.org/MGASA-2016-0088.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED
Created attachment 10056
Utility for stripping n leading characters from each line of a file.

Either run using ruby explicitly or make the script executable. Either way, ruby should be installed first.
$ ruby stripe.rb ....
or
$ chmod +x stripe.rb
$ mv stripe.rb stripe
$ ./stripe textfile <n> > newtext
Attachment 7498 is obsolete: 0 => 1
Created attachment 10057
Margin removal utility for text files

A slight improvement.
Attachment 10056 is obsolete: 0 => 1