Bug 19689 - memcached new security issues CVE-2016-870[4-6]
Summary: memcached new security issues CVE-2016-870[4-6]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/705214/
Whiteboard: MGA5-32-OK MGA5-64-OK advisory
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2016-11-01 13:34 CET by David Walser
Modified: 2016-11-17 17:37 CET (History)
4 users (show)

See Also:
Source RPM: memcached-1.4.24-2.mga6.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2016-11-01 13:34:19 CET 
Three security issues fixed upstream in memcached have been assigned CVEs:
http://openwall.com/lists/oss-security/2016/11/01/3

The issues are fixed in 1.4.33:
https://github.com/memcached/memcached/wiki/ReleaseNotes1433

Mageia 5 is also affected.
David Walser 2016-11-01 13:34:29 CET

Whiteboard: (none) => MGA5TOO

David Walser 2016-11-01 19:41:13 CET

URL: (none) => http://lwn.net/Vulnerabilities/705214/

Comment 1 David Walser 2016-11-04 15:38:34 CET 
Ubuntu has issued an advisory on November 2:
https://www.ubuntu.com/usn/usn-3120-1/
Comment 2 Nicolas Lécureuil 2016-11-16 17:38:44 CET 
Fixed in cauldron
pushed in mga 5 updates_testing

SRPMS: memcached-1.4.25-1.mga5

Assignee: mageia => qa-bugs

Nicolas Lécureuil 2016-11-16 17:39:08 CET

CC: (none) => mageia
Version: Cauldron => 5
Whiteboard: MGA5TOO => (none)

Comment 3 David Walser 2016-11-16 19:11:12 CET 
Advisory:
========================

Updated memcached packages fix security vulnerabilities:

Aleksandar Nikolic discovered that Memcached incorrectly handled certain
malformed commands. A remote attacker could use this issue to cause
Memcached to crash, resulting in a denial of service, or possibly execute
arbitrary code (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8706
https://www.ubuntu.com/usn/usn-3120-1/
========================

Updated packages in core/updates_testing:
========================
memcached-1.4.25-1.mga5
memcached-devel-1.4.25-1.mga5

from memcached-1.4.25-1.mga5.src.rpm

Severity: normal => critical

Comment 4 James Kerr 2016-11-17 14:34:08 CET 
Testing on mga5-32

Package installed cleanly

$ rpm -q memcached
memcached-1.4.25-1.mga5

Following the simple test described in
https://bugs.mageia.org/show_bug.cgi?id=12156#c8

Resulted in SUCCESS

OK for mga5-32

CC: (none) => jim
Whiteboard: (none) => MGA5-32-OK

Comment 5 James Kerr 2016-11-17 14:43:31 CET 
Testing on mga5-64

Package installed cleanly

$ rpm -q memcached
memcached-1.4.25-1.mga5

Following the simple test described in
https://bugs.mageia.org/show_bug.cgi?id=12156#c8

Running the test file returned
my test data : SUCCESS

OK for mga5-64

Whiteboard: MGA5-32-OK => MGA5-32-OK MGA5-64-OK

Comment 6 James Kerr 2016-11-17 14:47:22 CET 
This update is now validated 
The advisory in comment#3 needs to be uploaded to SVN
The packages can then be pushed to updates

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 7 Lewis Smith 2016-11-17 16:27:09 CET 
Advisory from Comment 3 uploaded.

CC: (none) => lewyssmith
Whiteboard: MGA5-32-OK MGA5-64-OK => MGA5-32-OK MGA5-64-OK advisory

Comment 8 Mageia Robot 2016-11-17 17:37:44 CET 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0381.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.