Expat 2.2.7 has been released on June 19:
https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes

The upstream author says that it fixes one CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843

Mageia 6 is also affected.
Whiteboard: (none) => MGA7TOO, MGA6TOO
I think this is yours, Shlomi.
CC: (none) => lewyssmith
Assignee: bugsquad => shlomif
Debian has issued an advisory for this on June 28: https://www.debian.org/security/2019/dsa-4472
Ubuntu has issued an advisory for this on June 26: https://usn.ubuntu.com/4040-1/
Shlomi updated Cauldron to 2.2.7 on June 29.

Shlomi uploaded an updated package for Mageia 7. Waiting for Mageia 6...

expat-2.2.7-1.mga7
libexpat1-2.2.7-1.mga7
libexpat-devel-2.2.7-1.mga7
Version: Cauldron => 7
Whiteboard: MGA7TOO, MGA6TOO => MGA6TOO
Advisory:
========================

Updated expat packages fix security vulnerability:

It was discovered that Expat did not properly handle XML input including XML names that contain a large number of colons, potentially resulting in denial of service (CVE-2018-20843).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
https://www.debian.org/security/2019/dsa-4472
========================

Updated packages in core/updates_testing:
========================
expat-2.2.7-1.mga6
libexpat1-2.2.7-1.mga6
libexpat-devel-2.2.7-1.mga6
expat-2.2.7-1.mga7
libexpat1-2.2.7-1.mga7
libexpat-devel-2.2.7-1.mga7

from SRPMS:
expat-2.2.7-1.mga6.src.rpm
expat-2.2.7-1.mga7.src.rpm
Assignee: shlomif => qa-bugs
CC: (none) => shlomif
MGA6-64 Plasma on Lenovo B50
No installation issues.
Followed tests as described in https://wiki.mageia.org/en/QA_procedure:Expat

$ python testexpat.py
Tested OK
$ xmlwf /etc/xml/catalog
$ xmlwf /etc/passwd
/etc/passwd:1:16: not well-formed (invalid token)

All seems OK.
CC: (none) => herman.viaene
Whiteboard: MGA6TOO => MGA6TOO MGA6-64-OK
CC: lewyssmith => (none)
mga7, x86_64

CVE-2018-20843
https://bugzilla.suse.com/show_bug.cgi?id=1139937&_ga=2.66152878.104103968.1568393798-120638559.1565709153

$ xmlwf clusterfuzz-testcase-4543406568112128.txt
clusterfuzz-testcase-4543406568112128.txt:1:88403: no element found

This is the expected result.
Also:-
$ valgrind xmlwf clusterfuzz-testcase-4543406568112128.txt
One CPU core hit 99% and stayed there.... for a while.
"no element found" was reported.

Updated the packages and ran the POC.

$ xmlwf clusterfuzz-testcase-4543406568112128.txt
clusterfuzz-testcase-4543406568112128.txt:1:88403: no element found

That returned immediately as did the valgrind test.
Issue fixed.

Followed the Mageia wiki test as reported in comment 6.

$ edit testexpat.py
$ edit testdata.xml
$ python testexpat.py
Tested OK
$ python3 testexpat.py
Tested OK
$ xmlwf /etc/xml/catalog
$ xmlwf /etc/passwd
/etc/passwd:1:16: not well-formed (invalid token)

OK for mga7 as well.
CC: (none) => tarazed25
Whiteboard: MGA6TOO MGA6-64-OK => MGA6TOO MGA6-64-OK MGA7-64-OK
Validating. Advisory in Comment 5.
Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisory
CC: (none) => tmb
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0274.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED
CC: (none) => nillremilton
CC: nillremilton => davidwhodgins