Ubuntu has issued an advisory today (August 17): https://usn.ubuntu.com/usn/usn-3394-1/ Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO, MGA5TOO
pushed in updates_testing src.rpm: libmspack-0.5-0.1.alpha.1.mga5 libmspack-0.5-0.2.alpha.1.mga6
CVE: (none) => CVE-2017-6419 CVE-2017-11423CC: (none) => mageiaAssignee: bugsquad => qa-bugs
Whiteboard: MGA6TOO, MGA5TOO => MGA5TOOVersion: Cauldron => 6
Advisory: ======================== Updated libmspack packages fix security vulnerabilities: It was discovered that libmspack incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2017-6419). It was discovered that libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service (CVE-2017-11423). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11423 https://usn.ubuntu.com/usn/usn-3394-1/ ======================== Updated packages in core/updates_testing: ======================== libmspack0-0.5-0.1.alpha.1.mga5 libmspack-devel-0.5-0.1.alpha.1.mga5 libmspack0-0.5-0.2.alpha.1.mga6 libmspack-devel-0.5-0.2.alpha.1.mga6 from SRPMS: libmspack-0.5-0.1.alpha.1.mga5.src.rpm libmspack-0.5-0.2.alpha.1.mga6.src.rpm
Blocks: (none) => 21555
mga5 x86_64 CAB files are not readily available so use lcab to create one. Could not find anything which would help to test the CVEs. Installed lcab and cabextract and created a small cabinet file. $ lcab -r work work.cab lcab v1.0b11 (2003) by Rien (rien@geekshop.be) nopath : no recursive : yes quiet : no inputfiles : work/report work/sample outputfile : work.cab cabfile : 3130 bytes (approx. 3.06 Kbytes) cfileInit: work\report localtime: cfileInit: work\sample localtime: tmp,header,folder,.. done $ ls -l work.cab -rw-r--r-- 1 lcl lcl 1673 Aug 18 10:05 work.cab $ mkdir ditto Integrity check: $ cabextract -t work.cab Testing cabinet: work.cab work/report OK 2b4378746648cb6fbef23d2bf1a73ef5 work/sample OK 6a7d342aae4f9cebb5b94e9a9576e85d Extract contents to named directory: $ cabextract -d ditto work.cab Extracting cabinet: work.cab extracting ditto/work/report extracting ditto/work/sample All done, no errors. $ tree ditto ditto └── work ├── report └── sample Check to show that the library is being accessed: $ strace cabextract work.cab 2> trace $ cat trace | grep mspack open("/lib64/libmspack.so.0", O_RDONLY|O_CLOEXEC) = 3 Installed the updates and ran similar tests on a larger set of files, leaving out the strace. There were no problems.
CC: (none) => tarazed25
Whiteboard: MGA5TOO => MGA5TOO MGA5-64-OK
mga6 x86_64 Repeated the tests outlined in comment 3 using more files. Collected my whole bookshelf into a 766 MB file which passed the integrity check and expanded into a folder on another partition. Before updates: OK afterwards: OK
Whiteboard: MGA5TOO MGA5-64-OK => MGA5TOO MGA5-64-OK MGA6-64-OK
Validating, advisory uploaded.
Keywords: (none) => validated_updateWhiteboard: MGA5TOO MGA5-64-OK MGA6-64-OK => advisory MGA5TOO MGA5-64-OK MGA6-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0283.html
Status: NEW => RESOLVEDResolution: (none) => FIXED