A security issue fixed upstream in lxterminal has been announced: http://openwall.com/lists/oss-security/2017/05/09/1 The message above contains a link to the upstream commit that fixed the issue. Mageia 5 is probably also affected.
Whiteboard: (none) => MGA5TOO
Done for Cauldron and Mga5.

Suggested advisory:
========================

The updated package fixes a security vulnerability:

unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control). (CVE-2016-10369)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10369
http://openwall.com/lists/oss-security/2017/05/09/1
========================

Updated packages in core/updates_testing:
========================
lxterminal-0.1.11-5.2.mga5

from SRPMS:
lxterminal-0.1.11-5.2.mga5.src.rpm
Version: Cauldron => 5
Status: NEW => ASSIGNED
Assignee: nicolas.salguero => qa-bugs
Whiteboard: MGA5TOO => (none)
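The advisory states the defect only as "insecurely uses /tmp for a socket file". As an added example, not lxterminal's code and not the upstream commit (function names are hypothetical), the C program below contrasts the predictable /tmp path with a path under XDG_RUNTIME_DIR, verifies that the runtime directory is really a private directory before trusting it, and binds a listening socket there with group/other bits cleared, replacing a stale socket file left by an earlier instance. The per-user directory is what removes the local-user squatting and denial-of-service problem; the ownership and mode check is the guard against a misconfigured or missing runtime directory, and the program refuses to fall back to /tmp in that case.

```c
/* Added example, not lxterminal's own code: the two socket-path policies
 * behind CVE-2016-10369, the directory check a client should make before
 * trusting XDG_RUNTIME_DIR, and a listener that replaces a stale socket
 * file with a private one. All function names are hypothetical. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Vulnerable policy: a fixed name in world-writable /tmp, keyed only on
 * DISPLAY. Any local user can pre-create or squat on this path. */
int unsafe_socket_path(char *buf, size_t len, const char *display)
{
    int n = snprintf(buf, len, "/tmp/.lxterminal-socket-%s", display);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Fixed policy: the same name under XDG_RUNTIME_DIR (/run/user/<uid>),
 * which the session manager creates as mode 0700 owned by the user.
 * Refuses, rather than silently falling back to /tmp, when it is unset. */
int safe_socket_path(char *buf, size_t len, const char *runtime_dir,
                     const char *display)
{
    if (runtime_dir == NULL || runtime_dir[0] != '/')
        return -1;
    int n = snprintf(buf, len, "%s/.lxterminal-socket-%s", runtime_dir, display);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Trust the directory only if it is a real directory (lstat: no symlink),
 * owned by the calling user, and closed to group and others. */
int check_runtime_dir(const char *dir)
{
    struct stat st;
    if (lstat(dir, &st) != 0)
        return -1;
    if (!S_ISDIR(st.st_mode))
        return -2;
    if (st.st_uid != getuid())
        return -3;
    if ((st.st_mode & (S_IRWXG | S_IRWXO)) != 0)
        return -4;
    return 0;
}

/* Bind a listening socket at path with mode 0600 (umask 0177 over the
 * 0777 default for socket inodes). A stale file left by a previous
 * instance is unlinked first; that is only safe because the directory
 * has already been verified private, so nobody else can race the
 * unlink/bind pair. Returns the fd, or -1 on failure. */
int open_private_listener(const char *path)
{
    struct sockaddr_un addr;
    if (strlen(path) >= sizeof addr.sun_path)
        return -1;
    memset(&addr, 0, sizeof addr);
    addr.sun_family = AF_UNIX;
    strcpy(addr.sun_path, path);

    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    unlink(path);                      /* drop a stale socket file */
    mode_t old = umask(0177);
    int rc = bind(fd, (struct sockaddr *)&addr, sizeof addr);
    umask(old);
    if (rc != 0 || listen(fd, 5) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    char path[256];
    const char *rt = getenv("XDG_RUNTIME_DIR");
    if (safe_socket_path(path, sizeof path, rt, ":0") != 0 ||
        check_runtime_dir(rt) != 0) {
        fprintf(stderr, "no private runtime dir; refusing to use /tmp\n");
        return 1;
    }
    int fd = open_private_listener(path);
    printf("listening on %s (fd %d)\n", path, fd);
    if (fd >= 0) {
        close(fd);
        unlink(path);
    }
    return fd >= 0 ? 0 : 1;
}
```

The tester's listing further down shows the fixed package creating the socket as srwxr-xr-x, i.e. with the default umask; that is acceptable only because /run/user/1000 is itself 0700, which is why the directory check matters more than the socket mode. Leaving a stale socket behind on exit is harmless under this scheme, since the next instance unlinks and rebinds it.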
x86_64 on real hardware.

Ran lxterminal from a Mate terminal using this command:

$ lxterminal & sleep 1; lxterminal
[1] 14711
$ ps aux | grep lxterm
lcl 14711 0.3 0.3 432204 24304 pts/1 Sl 14:16 0:00 lxterminal
lcl 14812 0.0 0.0 12256 2244 pts/1 S+ 14:17 0:00 grep lxterm

This shows only one instance of lxterminal, but in fact there are two active on screen. See https://unix.stackexchange.com/questions/333539/lxterminal-in-the-netstat-output/333578 for the discussion.

Killed both and ran the update, then the double lxterm command.

$ lxterminal & sleep 1 ; lxterminal
[1] 15617
/run/user/1000/.lxterminal-socket-:0
/run/user/1000/.lxterminal-socket-:0
[lcl@belexeuli ~]$ ps aux | grep lxterm
lcl 15617 0.1 0.2 432212 24152 pts/1 Sl 14:25 0:00 lxterminal
lcl 15732 0.0 0.0 12256 2268 pts/1 S+ 14:26 0:00 grep lxterm

Typing exit in the two terminals does not remove the socket, but if the double command is issued again the socket is overwritten, or maybe reused. The datestamp changes.

First time:
$ ls -al /run/user/1000
srwxr-xr-x 1 lcl lcl 0 May 10 15:03 .lxterminal-socket-:0

Second time:
srwxr-xr-x 1 lcl lcl 0 May 10 15:05 .lxterminal-socket-:0

Not sure of the significance of this, but taking it as a sign that the socket allocation is more secure.
CC: (none) => tarazed25
Whiteboard: (none) => MGA5-64-OK
i586 in virtualbox

Ran the command

$ lxterminal & sleep 1; lxterminal

which generated two lxterms, but only one showed up in the list of processes.

After updating, the command showed that a socket in /run/user/1000 was being used for both lxterms.

$ lxterminal & sleep 1 ; lxterminal
[1] 22248
/run/user/1000/.lxterminal-socket-:0.0
/run/user/1000/.lxterminal-socket-:0.0

The terminal works as expected. Giving this the OK.
Whiteboard: MGA5-64-OK => MGA5-64-OK MGA5-32-OK
@Len: a good one once again! Validating & advisoried.
Keywords: (none) => validated_update
Whiteboard: MGA5-64-OK MGA5-32-OK => MGA5-64-OK MGA5-32-OK advisory
CC: (none) => lewyssmith, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0138.html
Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED