Bug 23864 - libwpd new security issue CVE-2018-19208
Summary: libwpd new security issue CVE-2018-19208
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA6-32-OK MGA6-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2018-11-20 23:27 CET by David Walser
Modified: 2018-12-15 22:30 CET (History)
8 users (show)

See Also:
Source RPM: libwpd-0.10.2-4.mga7.src.rpm
CVE:
Status comment:

Attachments
WordPerfect document (6.68 KB, application/vnd.wordperfect)
2018-12-14 10:56 CET, Herman Viaene 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2018-11-20 23:27:06 CET 
SUSE has issued an advisory on November 19:
http://lists.suse.com/pipermail/sle-security-updates/2018-November/004865.html

Mageia 6 is also affected.
David Walser 2018-11-20 23:27:16 CET

Whiteboard: (none) => MGA6TOO

Comment 1 Marja Van Waes 2018-11-22 09:19:09 CET 
Assigning to all packagers collectively, since there is no registered maintainer for this package.

CC'ing two committers.

CC: (none) => marja11, nicolas.salguero, thierry.vignaud
Assignee: bugsquad => pkg-bugs

Comment 2 Mike Rambo 2018-12-12 20:14:21 CET 
Looks like tv fixed cauldron back in October.

Patched package uploaded for Mageia 6.

Advisory:
========================

Updated libwpd package fixes security vulnerability:

It was discovered there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack (CVE-2018-19208).


References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19208
http://lists.suse.com/pipermail/sle-security-updates/2018-November/004865.html
https://security-tracker.debian.org/tracker/CVE-2018-19208
========================

Updated packages in core/updates_testing:
========================
lib64wpd0.10_10-0.10.2-1.1.mga6
lib64wpd-devel-0.10.2-1.1.mga6
libwpd-tools-0.10.2-1.1.mga6
libwpd-doc-0.10.2-1.1.mga6.noarch.rpm

from libwpd-0.10.2-1.1.mga6.src.rpm

CC: (none) => mrambo
Assignee: pkg-bugs => qa-bugs
Version: Cauldron => 6
Whiteboard: MGA6TOO => (none)

Comment 3 Herman Viaene 2018-12-14 10:55:42 CET 
MGA6-32 MATE on IBM Thinkpad R50e
No installation issues.
Ref to bug 21750 Comment 6 for testing. Test file attached here.
At CLI:
$ wpd2html fnt_sample_file.wpd > fnt_sample_file.html
Opening the wpd file in OOWriter is another aspect of the wpd package. Comparing this display with the resulting html file in OOWriter shows the text quite OK.
There are differences in margins and spacing between paragraphs, but to me that's not unusual when converting word processing formats.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA6-32-OK

Comment 4 Herman Viaene 2018-12-14 10:56:41 CET 
Created attachment 10555 [details]
WordPerfect document
nathan giovannini 2018-12-15 18:58:02 CET

CC: (none) => nathan95
Whiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OK

Comment 5 nathan giovannini 2018-12-15 19:00:43 CET 
Tested on the 64 bit version, I didn't notice any problems or bugs
nathan giovannini 2018-12-15 20:49:42 CET

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Lewis Smith 2018-12-15 21:31:36 CET 
Thanks testers. Advisory from comment 2.

CC: (none) => lewyssmith
Keywords: (none) => advisory

Comment 7 Mageia Robot 2018-12-15 22:30:49 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0481.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.