A security issue fixed upstream in 389-ds-base has been announced: http://openwall.com/lists/oss-security/2017/01/18/5 The issue is fixed in 1.3.6 and the commit to fix the issue is linked in the message above. This package is only in Mageia 5 now.
Patched package uploaded for Mageia 5.

Testing procedures:
https://bugs.mageia.org/show_bug.cgi?id=11720#c7
https://bugs.mageia.org/show_bug.cgi?id=16928#c7

Advisory:
========================

Updated 389-ds-base package fixes security vulnerability:

The "attribute uniqueness" plugin did not properly NULL-terminate an array when building up its configuration if a so-called 'old-style' configuration was being used. An attacker, authenticated, but possibly also unauthenticated, could possibly force the plugin to read beyond allocated memory and trigger a segfault. The crash could also possibly be triggered accidentally (CVE-2017-2591).

References:
http://www.openwall.com/lists/oss-security/2017/01/18/5
https://fedorahosted.org/389/ticket/48986
========================

Updated packages in core/updates_testing:
========================
389-ds-base-1.3.4.14-1.1.mga5
389-ds-base-debuginfo-1.3.4.14-1.1.mga5
lib64389-ds-base0-1.3.4.14-1.1.mga5
lib64389-ds-base-devel-1.3.4.14-1.1.mga5

from 389-ds-base-1.3.4.14-1.1.mga5.src.rpm
CC: (none) => mrambo
Whiteboard: (none) => has_procedure
Assignee: bugsquad => qa-bugs
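The failure mode the advisory above describes (an attribute-name array built from an 'old-style' configuration with no terminating NULL, later walked until NULL) reduced to a self-contained C illustration. This is an added example, not code from 389-ds-base, from the upstream fix or from this bug; the directive names, the sample configuration lines and both builder functions are constructed for illustration and do not claim to match the plugin's real configuration syntax or code.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample input: a repeated attribute-name directive plus one
 * unrelated line. Directive names are illustrative only. */
static const char *sample_config[] = {
    "uniqueness-attribute-name: uid",
    "uniqueness-attribute-name: mail",
    "uniqueness-subtrees: dc=example,dc=com",
    "uniqueness-attribute-name: employeeNumber",
};
#define SAMPLE_LINES (sizeof sample_config / sizeof sample_config[0])

static const char ATTR_PREFIX[] = "uniqueness-attribute-name:";

static char *dup_str(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) memcpy(p, s, n);
    return p;
}

/* Value of an attribute-name directive, or NULL for any other line. */
static const char *attr_value(const char *line) {
    size_t plen = strlen(ATTR_PREFIX);
    if (strncmp(line, ATTR_PREFIX, plen) != 0) return NULL;
    line += plen;
    while (*line == ' ') line++;
    return line;
}

static size_t count_attr_lines(const char **lines, size_t n) {
    size_t count = 0;
    for (size_t i = 0; i < n; i++)
        if (attr_value(lines[i])) count++;
    return count;
}

static void fill_attrs(char **attrs, const char **lines, size_t n) {
    size_t k = 0;
    for (size_t i = 0; i < n; i++) {
        const char *v = attr_value(lines[i]);
        if (v) attrs[k++] = dup_str(v);
    }
}

/* Buggy builder: exactly `count` slots, so no terminating NULL. A consumer
 * that walks until NULL steps past the allocation. */
char **build_attrs_buggy(const char **lines, size_t n, size_t *out_count) {
    size_t count = count_attr_lines(lines, n);
    char **attrs = malloc(count * sizeof *attrs);
    if (!attrs) return NULL;
    fill_attrs(attrs, lines, n);
    *out_count = count;
    return attrs;
}

/* Fixed builder: one extra slot, zero-filled by calloc, so attrs[count]
 * is NULL and the walk stops inside the allocation. */
char **build_attrs_fixed(const char **lines, size_t n, size_t *out_count) {
    size_t count = count_attr_lines(lines, n);
    char **attrs = calloc(count + 1, sizeof *attrs);
    if (!attrs) return NULL;
    fill_attrs(attrs, lines, n);
    *out_count = count;
    return attrs;
}

/* The consumer pattern that crashes: walk until NULL. Only safe on an
 * array from build_attrs_fixed. */
size_t count_until_null(char **attrs) {
    size_t i = 0;
    while (attrs[i] != NULL) i++;
    return i;
}

/* Bounded check usable on either array: is there a NULL within the first
 * `cap` slots (the allocation size)? Never reads beyond cap. */
int has_terminator_within(char **attrs, size_t cap) {
    for (size_t i = 0; i < cap; i++)
        if (attrs[i] == NULL) return 1;
    return 0;
}

void free_attrs(char **attrs, size_t count) {
    for (size_t i = 0; i < count; i++) free(attrs[i]);
    free(attrs);
}

int main(void) {
    size_t nb = 0, nf = 0;
    char **buggy = build_attrs_buggy(sample_config, SAMPLE_LINES, &nb);
    char **fixed = build_attrs_fixed(sample_config, SAMPLE_LINES, &nf);
    printf("buggy: %zu values, NULL inside allocation: %s\n",
           nb, has_terminator_within(buggy, nb) ? "yes" : "no");
    printf("fixed: %zu values, NULL inside allocation: %s, walk stops at %zu\n",
           nf, has_terminator_within(fixed, nf + 1) ? "yes" : "no",
           count_until_null(fixed));
    /* count_until_null(buggy) is deliberately not called: it would read
     * past the allocation, which is the failure mode of the advisory. */
    free_attrs(buggy, nb);
    free_attrs(fixed, nf);
    return 0;
}
```

The bounded check is the one worth keeping in a test suite: it distinguishes the two arrays without ever dereferencing past the allocation, whereas the NULL-walking consumer only appears to work on the buggy array until whatever follows the allocation happens not to be zero.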
MGA5-32 on AsusA6000VM Xfce. No installation issues, except that the debuginfo package is not present in Update testing; I suppose this is not really needed. Completed test as per bug 11720 Comment 7 (tx Claire), all OK.
Whiteboard: has_procedure => has_procedure MGA5-32-OK
CC: (none) => herman.viaene
CC: (none) => lewyssmith
Whiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK advisory
Testing M5_64 following https://bugs.mageia.org/show_bug.cgi?id=16928#c7 except that I already had this thing installed and configured [typical].

Used the following command sequence ex Claire's original procedure: BEFORE (389-ds-base-1.3.4.14-1 & lib64389-ds-base0-1.3.4.14-1) and AFTER (389-ds-base-1.3.4.14-1.1 & lib64389-ds-base0-1.3.4.14-1.1) the update.

# systemctl [re]start dirsrv@localhost
# systemctl status dirsrv@localhost
● dirsrv@localhost.service - 389 Directory Server localhost.
   Loaded: loaded (/usr/lib/systemd/system/dirsrv@.service; enabled)
   Active: active (running) since Gwe 2017-01-27 15:16:19 CET; 12s ago
...
[After restart only:
  Process: 3295 ExecStopPost=/bin/rm -f /var/run/dirsrv/slapd-%i.pid (code=exited, status=0/SUCCESS) ]
...
# netstat -pant | grep 389
tcp6       0      0 :::389                  :::*                    LISTEN      4653/ns-slapd
# ldapsearch -x -h localhost -s base -b "" "objectclass=*"
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: objectclass=*
# requesting: ALL
#

#
dn:
objectClass: top
defaultnamingcontext: dc=localdomain
dataversion: 020170127140842
netscapemdsuffix: cn=ldap://dc=localhost,dc=localdomain:389

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Service restart exception as noted, results were essentially identical. Update OK. Validating.
Whiteboard: has_procedure MGA5-32-OK advisory => has_procedure MGA5-32-OK advisory MGA5-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0028.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED
Re-opening because this package was re-introduced into Cauldron for some reason, without the security fix. The package no longer has a maintainer, so it should probably have stayed gone.
Version: 5 => Cauldron
CC: (none) => qa-bugs
Assignee: qa-bugs => rverschelde
Please drop packages from SVN when you get them removed from repos... I reintroduced those ones because I thought they had been mistakenly wiped from the repos like other packages starting with a number: https://ml.mageia.org/l/arc/dev/2017-01/msg00713.html Any package that is left rotting in SVN is bought to be resubmitted at some time. So when dropping a package, please obsolete it too in SVN (it's just one command, `mgarepo obsolete 389-ds-base`).
Status: RESOLVED => REOPENED
Resolution: FIXED => (none)
s/bought/bound/ :)
OK. I assumed the 389 stuff had been dropped for that reason but I don't know who dropped them. Assigning the dead bug back to QA.
CC: qa-bugs => rverschelde
Assignee: rverschelde => qa-bugs
They haven't been re-dropped yet, so assigning back to Mike for now (we can add the security patch). Hopefully they can be dropped though, because they're totally unmaintained.
CC: (none) => qa-bugs
Assignee: qa-bugs => mrambo
Cauldron package patched for CVE-2017-2591 has been uploaded.
Status: REOPENED => RESOLVED
Resolution: (none) => FIXED
Thanks Mike.
CC: qa-bugs => (none)
Version: Cauldron => 5
Assignee: mrambo => qa-bugs
URL: (none) => https://lwn.net/Vulnerabilities/713059/