Bug 23704 - patch new security issues CVE-2018-6951 and CVE-2018-6952
Summary: patch new security issues CVE-2018-6951 and CVE-2018-6952
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA6-32-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2018-10-16 00:49 CEST by David Walser
Modified: 2018-11-15 23:05 CET (History)
5 users (show)

See Also:
Source RPM: patch-2.7.6-3.mga7.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2018-10-16 00:49:57 CEST
Fedora has issued an advisory today (October 15):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DTAZPKCAJTAOK6CYQP7SPWNXDIAG4A37/

Mageia 6 is also affected.
David Walser 2018-10-16 00:50:03 CEST

Whiteboard: (none) => MGA6TOO

Comment 1 Marja Van Waes 2018-10-16 19:52:44 CEST
Assigning to the registered maintainer.

CC: (none) => marja11
Assignee: bugsquad => tmb

Comment 2 Bruno Cornec 2018-11-10 02:18:35 CET
CVE-2018-6951 is fixed by upstream patch:
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a
CVE-2018-6952 is fixed by upstream patch:
http://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300

Pushing patch-2.7.6-4.mga7 to cauldron.

Status: NEW => ASSIGNED
Version: Cauldron => 6
CC: (none) => bruno
Assignee: tmb => bruno
Whiteboard: MGA6TOO => (none)

Comment 3 Bruno Cornec 2018-11-10 02:23:32 CET
patch-2.7.6-1.1.mga6 on its way for testing_updates for mga6

Assignee: bruno => qa-bugs

Comment 4 David Walser 2018-11-10 14:10:59 CET
Advisory:
========================

Updated patch packages fix security vulnerabilities:

A NULL pointer dereference flaw was found in the way patch processed patch
files. An attacker could potentially use this flaw to crash patch by tricking
it into processing crafted patches (CVE-2018-6951).

A double-free flaw was found in the way the patch utility processed patch
files. An attacker could potentially use this flaw to crash the patch utility
by tricking it into processing crafted patches (CVE-2018-6952).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6951
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DTAZPKCAJTAOK6CYQP7SPWNXDIAG4A37/
========================

Updated packages in core/updates_testing:
========================
patch-2.7.6-1.1.mga6

from patch-2.7.6-1.1.mga6.src.rpm
Comment 5 Herman Viaene 2018-11-14 15:17:32 CET
MGA6-32 MATE on IBM Thinkpad R50e
No installation issues
Followed test as per bug 22587 Comment 11
$  mkdir dir1
$ ln -s dir1 dir2
$ echo a > dir2/a
$ echo b > dir2/b
$ diff -u dir2/a dir2/b > foo.diff
$ patch -p0 < foo.diff
patching file dir2/a
$ more dir2/a
b

OK for me.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA6-32-OK

Comment 6 Lewis Smith 2018-11-14 20:38:38 CET
Thank you Herman for the test.
Advisoried from comment 4; and validating.

Keywords: (none) => advisory, validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 7 Mageia Robot 2018-11-15 23:05:38 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0448.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.