Bug 5075 - libsoup new security issue CVE-2011-2524
Summary: libsoup new security issue CVE-2011-2524
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 1
Hardware: i586 Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard:
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2012-03-23 14:29 CET by David Walser
Modified: 2012-04-11 21:37 CEST (History)
4 users

See Also:
Source RPM: libsoup-2.32.2-4.mga1.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2012-03-23 14:29:50 CET
Mandriva has issued this advisory today (March 23):
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:036

I don't think Cauldron is vulnerable.
Comment 1 David Walser 2012-03-23 14:56:36 CET
Looks like dmorgan added a patch for this in SVN 7 months ago, but didn't submit it to the build system.

CC: (none) => dmorganec

Comment 2 David Walser 2012-03-23 15:00:06 CET
I've confirmed Cauldron is not vulnerable.
Comment 3 David Walser 2012-03-23 16:00:16 CET
Looks like it was built after all, but schedbot hadn't marked it in SVN for some reason. No bug had been filed, so here we go. (Confirmed with dmorgan on IRC that this is ready to go.)

Advisory:
========================

Updated libsoup packages fix security vulnerability:

Directory traversal vulnerability in soup-uri.c in SoupServer in
libsoup before 2.35.4 allows remote attackers to read arbitrary files
via a %2e%2e (encoded dot dot) in a URI (CVE-2011-2524).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:036
========================

Updated packages in core/updates_testing:
========================
libsoup-2.4-devel-2.32.2-4.1.mga1
libsoup-2.4_1-2.32.2-4.1.mga1

from libsoup-2.32.2-4.1.mga1.src.rpm

Assignee: bugsquad => qa-bugs
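
The advisory above describes the classic ordering mistake behind this class of bug: a server that looks for ".." in the request path before percent-decoding it will miss "%2e%2e", which only becomes ".." after decoding. The following C program is an added illustration written for this page; it is not libsoup's code, the upstream fix, or the patch shipped in the update. The function names (naive_rejects, decoded_path_escapes_root) and the sample request path are constructed for the example. It contrasts a naive substring check on the raw path with a check that decodes first and then walks the path segments, tracking how deep below the document root the request stays.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Decode one "%XX" escape starting at s; returns -1 if s is not two hex digits. */
static int hex_pair(const char *s)
{
    if (!isxdigit((unsigned char)s[0]) || !isxdigit((unsigned char)s[1]))
        return -1;
    char buf[3] = { s[0], s[1], '\0' };
    return (int)strtol(buf, NULL, 16);
}

/* Percent-decode path into out (out must hold strlen(path)+1 bytes).
 * Malformed escapes are copied through literally. Returns the number of
 * bytes written, which may exceed strlen(out) if a %00 was decoded. */
static size_t percent_decode(const char *path, char *out)
{
    size_t written = 0;
    while (*path) {
        int v;
        if (*path == '%' && (v = hex_pair(path + 1)) >= 0) {
            out[written++] = (char)v;
            path += 3;
        } else {
            out[written++] = *path++;
        }
    }
    out[written] = '\0';
    return written;
}

/* Naive check (hypothetical): look for ".." in the still-encoded request path.
 * Returns 1 if found. An encoded "%2e%2e" is never seen by this check. */
int naive_rejects(const char *raw_path)
{
    return strstr(raw_path, "..") != NULL;
}

/* Decode first, then walk segments. Returns 1 if the decoded path would climb
 * above the document root or contains an embedded NUL, 0 otherwise. */
int decoded_path_escapes_root(const char *raw_path)
{
    size_t raw_len = strlen(raw_path);
    char *decoded = malloc(raw_len + 1);
    if (!decoded)
        return 1;                       /* fail closed on allocation failure */

    size_t len = percent_decode(raw_path, decoded);
    int escapes = 0;

    if (strlen(decoded) != len) {
        escapes = 1;                    /* %00 would truncate the path at the filesystem layer */
    } else {
        int depth = 0;                  /* directories below the root */
        const char *p = decoded;
        while (*p) {
            while (*p == '/') p++;      /* skip empty segments ("//") */
            if (!*p) break;
            const char *start = p;
            while (*p && *p != '/') p++;
            size_t seg_len = (size_t)(p - start);
            if (seg_len == 1 && start[0] == '.')
                continue;               /* "." does not change depth */
            if (seg_len == 2 && start[0] == '.' && start[1] == '.') {
                if (--depth < 0) { escapes = 1; break; }
            } else {
                depth++;
            }
        }
    }
    free(decoded);
    return escapes;
}

int main(void)
{
    /* Constructed sample request path of the shape the advisory describes. */
    const char *probe = "/%2e%2e/%2e%2e/etc/passwd";
    printf("naive check flags it:       %s\n", naive_rejects(probe) ? "yes" : "no");
    printf("decode-then-check flags it: %s\n", decoded_path_escapes_root(probe) ? "yes" : "no");
    return 0;
}
```

The check must run after the last decoding step the serving code performs, and exactly once per decoding the server does: a path like "/%252e%252e/" decodes once to a literal "%2e%2e" segment, which is harmless unless some later layer decodes it again. Paths that dip into a subdirectory and come back out ("/docs/../index.html") stay at or above depth zero and are legitimately accepted.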

Comment 4 Dave Hodgins 2012-04-06 05:31:39 CEST
Testing complete on i586 for the srpm
libsoup-2.32.2-4.1.mga1.src.rpm

Just testing using hardinfo under strace, which shows
19734 open("/usr/lib/libsoup-2.4.so.1", O_RDONLY) = 3

CC: (none) => davidwhodgins

Comment 5 Manuel Hiebel 2012-04-11 01:59:10 CEST
Testing for some weeks the lib without issue.


Suggested Advisory:
-------------
Updated libsoup packages fix security vulnerability:

Directory traversal vulnerability in soup-uri.c in SoupServer in
libsoup before 2.35.4 allows remote attackers to read arbitrary files
via a %2e%2e (encoded dot dot) in a URI (CVE-2011-2524).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524
http://www.mandriva.com/en/support/security/advisories/?dis=2010.1&name=MDVSA-2012:036

https://bugs.mageia.org/show_bug.cgi?id=5075
-------------

SRPM: libsoup-2.32.2-4.1.mga1.src.rpm

Could sysadmin please push from core/updates_testing to core/updates

Thank you!

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Thomas Backlund 2012-04-11 21:37:06 CEST
Update pushed.

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED