Expat 2.2.1 has been announced on June 17: http://openwall.com/lists/oss-security/2017/06/17/7 There's also a further addressing of CVE-2012-0876 and other security fixes. Updated package uploaded for Cauldron by Shlomi.
Thanks for fixing this in Cauldron, Shlomi. Assigning to you for Mga5, because you are the registered maintainer of expat.
Assignee: bugsquad => shlomifCC: (none) => marja11
Debian has issued an advisory for this on June 25: https://www.debian.org/security/2017/dsa-3898
Patched package uploaded for Mageia 5. Advisory: ======================== Updated expat packages fix security vulnerabilities: Gustavo Grieco discovered an integer overflow flaw during parsing of XML. An attacker can take advantage of this flaw to cause a denial of service against an application using the Expat library (CVE-2016-9063). Rhodri James discovered an infinite loop vulnerability within the entityValueInitProcessor() function while parsing malformed XML in an external entity. An attacker can take advantage of this flaw to cause a denial of service against an application using the Expat library (CVE-2017-9233). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233 https://www.debian.org/security/2017/dsa-3898 ======================== Updated packages in core/updates_testing: ======================== expat-2.1.0-9.5.mga5 libexpat1-2.1.0-9.5.mga5 libexpat-devel-2.1.0-9.5.mga5 from expat-2.1.0-9.5.mga5.src.rpm
Assignee: shlomif => qa-bugsCC: (none) => shlomif
MGA5-32 on Asus A6000VM Xfce No installation issues Followed procedure as per https://wiki.mageia.org/en/QA_procedure:Expat resulting at CLI: $ python testexpat.py Tested OK and $ strace -o expattest1.txt xmlwf /etc/xml/catalog no feedback as expected and $ strace -o expattest2.txt xmlwf /etc/passwd /etc/passwd:1:16: not well-formed (invalid token) Each of the traces showing a call to libexpat.
Whiteboard: (none) => MGA5-32-OKCC: (none) => herman.viaene
CC: (none) => lewyssmithWhiteboard: MGA5-32-OK => MGA5-32-OK advisory
Testing M5 64-bit - OK Updated the pkgs to: expat-2.1.0-9.5.mga5 lib64expat1-2.1.0-9.5.mga5 lib64expat-devel-2.1.0-9.5.mga5 From procedure https://wiki.mageia.org/en/QA_procedure:Expat created 'testdata.xml' and 'testexpat.py', ran the tests: $ python testexpat.py Tested OK $ xmlwf /etc/xml/catalog $ [no ouput correct] $ xmlwf /etc/passwd /etc/passwd:1:16: not well-formed (invalid token) [expected] All three commands showed via strace that the library was called: open("/lib64/libexpat.so.1", O_RDONLY|O_CLOEXEC) = 3 Validating.
Keywords: (none) => validated_updateWhiteboard: MGA5-32-OK advisory => MGA5-32-OK advisory MGA5-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0214.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED