Debian-LTS has issued an advisory on June 30: https://www.debian.org/lts/security/2020/dla-2267 Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Yet another update for an SRPM with no evident maintainer, so have to assign it globally.
Assignee: bugsquad => pkg-bugs
Suggested advisory: ======================== The updated packages fix a security vulnerability: Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed. (CVE-2019-17533) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17533 https://www.debian.org/lts/security/2020/dla-2267 ======================== Updated packages in core/updates_testing: ======================== matio-1.5.16-1.1.mga7 lib(64)matio9-1.5.16-1.1.mga7 lib(64)matio-devel-1.5.16-1.1.mga7 from SRPMS: matio-1.5.16-1.1.mga7.src.rpm
CVE: (none) => CVE-2019-17533CC: (none) => nicolas.salgueroVersion: Cauldron => 7Source RPM: matio-1.5.17-2.mga8.src.rpm => matio-1.5.16-1.mga7.src.rpmStatus: NEW => ASSIGNEDAssignee: pkg-bugs => qa-bugsWhiteboard: MGA7TOO => (none)
Mageia7, x86_64 CVE-2019-17533 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16856 PoC: clusterfuzz-testcase-minimized-matio_fuzzer-5650719150964736 https://google.github.io/oss-fuzz/advanced-topics/reproducing/ This is another case of needing to compile the application to integrate a fuzz target so out of QA's remit. Had a look at the examples on GitHub https://github.com/fordicus/matio-examples/blob/master/README.md Created 3d.c from the 3-D example but could not compile it. $ cat 3d.c #include <stdio.h> #include <matio.h> #include <matio_pubconf.h> int main() { const int first = 2, second = 4, third = 5; int array3d[2][4][5] = { 0 }; // fill 3d array for (int i = 0; i < first; i++) for (int j = 0; j < second; j++) for (int k = 0; k < third; k++) array3d[i][j][k] = (i + 1) * (j + 1) * (k + 1); // write char* fieldname3d = "array3d"; size_t dim3d[3] = { first, second, third }; matvar_t *variable3d = Mat_VarCreate(fieldname3d, MAT_C_INT32, MAT_T_INT32, 3, dim3d, &array3d, 0); //rank 3 Mat_VarWrite(matfp, variable3d, MAT_COMPRESSION_NONE); Mat_VarFree(variable3d); } $ gcc -o 3d $(pkg-config --libs --cflags matio) 3d.c 3d.c: In function ‘main’: 3d.c:20:14: error: ‘matfp’ undeclared (first use in this function); did you mean ‘mat_t’? Mat_VarWrite(matfp, variable3d, MAT_COMPRESSION_NONE); ^~~~~ mat_t 3d.c:20:14: note: each undeclared identifier is reported only once for each function it appears in $ grep -i matfp /usr/include/*.h $ $ cat /usr/lib64/pkgconfig/matio.pc prefix=/usr exec_prefix=/usr libdir=/usr/lib64 includedir=/usr/include Name: MATIO Description: MATIO Library Version: 1.5.16 Libs: -L${libdir} -lmatio -lhdf5 -lz Cflags: -I${includedir} matfp is used in all of the examples. ?? $ urpmq --whatrequires lib64matio9 lib64matio-devel lib64matio9 matio scilab Installed scilab and looked for documentation. All the tutorials seem to be videos, no use to me, being too deaf and slow to follow them. Launched scilab but could not figure out how to import 3d.c. Clicking on it simply showed it in an emacs popup so abandoned that. Trying to type it in line by line in the console raised errors on every line. Goodbye scilab. Giving up - handing over to the experts. Note that all this was done before trying the updates.
CC: (none) => tarazed25
MGA7-64 Plasma on Lenovo B50 No installation issues Ref bug 26061 for testing, I won't thread where Len has been. $ matdump --version matdump 1.5.16 Written by Christopher Hulbert Copyright(C) 2006-2019, Christopher C. Hulbert $ matdump --help Usage: matdump [OPTIONS] mat_file [var1 var2 ...] Runs various test on the Matlab I/O library libmatio OPTIONS -d,--data Print data with header information -f,--format whos Turn on 'whos' display mode -h,--human Human readable sizes in 'whos' display mode -v,--verbose Turn on verbose messages -H,--help This output -V,--version version information mat_file name of the MAT file to dump var1 var2 ... If specified, dumps only listed variables Report bugs to <t-beu@users.sourceforge.net>. As scilab has dependencies on lib64matio9, started scilab and did a few simple calculations: works OK. Bug 26061 has been OK'ed on this, but I leave the last word on this to Len.
CC: (none) => herman.viaene
No, you are the expert on this one Herman. We need to get it out the door, so...
Whiteboard: (none) => MGA7-64-OK
Excellent cooperation, Gentlemen. No prima donnas here. Validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0299.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED