A security issue in openslp has been announced on December 6: https://www.openwall.com/lists/oss-security/2019/12/06/1 A patch to fix it is included in the message above. Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Assign/CC to Johnny & Stig as most recent committers. No registered maintainer.
CC: (none) => smelror
Assignee: bugsquad => cooker
Debian-LTS has issued an advisory for this on December 8: https://www.debian.org/lts/security/2019/dla-2025
RedHat has issued an advisory for this on December 16: https://access.redhat.com/errata/RHSA-2019:4240
Fedora has issued an advisory for this on December 18: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZPXXJZLPLAQULBCJVI5NNWZ3PGWXGXWG/
Severity: normal => critical
Status comment: (none) => Patch is available
I have uploaded a patched mga7 package that fixes this. (I have no idea how you test this)

Suggested advisory:
========================

A heap-based buffer overflow was discovered in OpenSLP in the way the slpd service processes URLs in service request messages. A remote unauthenticated attacker could register a service with a specially crafted URL that, when used during a service request message, would trigger the flaw and cause the program to crash or to remotely execute code with the privileges of the slpd service.

This update fixes this.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5544
https://www.openwall.com/lists/oss-security/2019/12/06/1

Updated packages in 7/core/updates_testing
========================
openslp-2.0.0-10.1.mga7

Source RPM:
openslp-2.0.0-10.1.mga7.src.rpm

Assignee: cooker => qa-bugs
Status: NEW => ASSIGNED
Fixed in cauldron.
CC: (none) => cooker
Whiteboard: MGA7TOO => (none)
CC: (none) => tmb
Version: Cauldron => 7

MGA7-64 Plasma on Lenovo B50
No installation issues.
Ref bug 7081 for tests.

# systemctl -l status slpd
● slpd.service - LSB: OpenSLP daemon for the Service Location Protocol
   Loaded: loaded (/etc/rc.d/init.d/slpd; generated)
   Active: inactive (dead)
     Docs: man:systemd-sysv-generator(8)

# systemctl -l start slpd
# systemctl -l status slpd
● slpd.service - LSB: OpenSLP daemon for the Service Location Protocol
   Loaded: loaded (/etc/rc.d/init.d/slpd; generated)
   Active: active (running) since Fri 2020-02-07 14:33:46 CET; 3s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 19721 ExecStart=/etc/rc.d/init.d/slpd start (code=exited, status=0/SUCCESS)
   Memory: 1.6M
   CGroup: /system.slice/slpd.service
           └─19737 /usr/sbin/slpd

feb 07 14:33:45 mach5.hviaene.thuis systemd[1]: Starting LSB: OpenSLP daemon for the Service Location Protocol...
feb 07 14:33:46 mach5.hviaene.thuis slpd[19721]: Starting slpd: Multicast Route Enabled[ OK ]
feb 07 14:33:46 mach5.hviaene.thuis systemd[1]: Started LSB: OpenSLP daemon for the Service Location Protocol.

then
$ slptool findsrvs service:service-agent
service:service-agent://192.168.2.5,65535
which is OK0

Whiteboard: (none) => MGA7-64-OK
CC: (none) => herman.viaene
Validating. Advisory in Comment 5.
Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0075.html
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED