Bug 6859 - bash new security issue CVE-2012-3410 [mga1 & 2]
Summary: bash new security issue CVE-2012-3410 [mga1 & 2]
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 2
Hardware: All Linux
Priority: Low minor
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL: http://lwn.net/Vulnerabilities/507815/
Whiteboard: MGA1TOO mga2-64-OK MGA1-32-OK MGA2-32...
Keywords: validated_update
Depends on: 6858
  Show dependency treegraph
Reported: 2012-07-23 23:32 CEST by Olivier Blin
Modified: 2012-07-29 22:38 CEST (History)
7 users (show)

See Also:
Source RPM: bash-4.2-5.mga1.src.rpm
Status comment:


Description Olivier Blin 2012-07-23 23:32:22 CEST
+++ This bug was initially created as a clone of Bug #6858 +++

OpenSuSE has issued an advisory today (July 23):

Mageia 1 and Mageia 2 are also affected.

The reproducer is very easy:
test -e /dev/fd/111111111111111111111111111111111111

The patch to fix it is bash42-033 upstream.

We have all of the patches through 028, so you might want to add the intervening patches as well.

More info here:
David Walser 2012-07-24 00:12:55 CEST

Whiteboard: (none) => MGA1TOO

Comment 1 David Walser 2012-07-25 15:27:12 CEST
Patched packages uploaded for Mageia 1 and Mageia 2.


Bash has been updated to patchlevel 37 to fix several minor issues.  One
of these is a buffer overflow vulnerability related to using the test
command with invalid filenames in the /dev/fd directory (CVE-2012-3410).
Mageia is not vulnerable to a buffer overflow with this issue because of
the compiler options that were used to build it, but it can still cause a


Updated packages in core/updates_testing:

from SRPMS:

Priority: Normal => Low
Assignee: bugsquad => qa-bugs
Severity: normal => minor

Comment 2 David Walser 2012-07-25 15:29:32 CEST
Note to QA: When I built this locally and installed it, when I first tried it the reproducer still worked.  I built it in a VM and rebooted it before trying it and the reproducer didn't work.  So, if you install the update and the reproducer still works, try rebooting :o)
Comment 3 Olivier Delaune 2012-07-25 17:52:17 CEST
Testing on Mageia 2 64-bits. After installing bash-4.2-5.1.mga2, I closed the terminal. I opened a new one and I tried:
test -e /dev/fd/111111111111111111111111111111111111
The crash had disappeared
So, ok for me.

CC: (none) => olivier.delaune

Comment 4 David Walser 2012-07-25 17:58:59 CEST
(In reply to comment #3)
> Testing on Mageia 2 64-bits. After installing bash-4.2-5.1.mga2, I closed the
> terminal. I opened a new one and I tried:
> test -e /dev/fd/111111111111111111111111111111111111
> The crash had disappeared
> So, ok for me.

Thanks, I've set the whiteboard comment based on your test.

Whiteboard: MGA1TOO => MGA1TOO mga2-64-OK

Comment 5 Dave Hodgins 2012-07-25 20:50:10 CEST
Testing complete on Mageia 1 i586.

Before updating ...
$ test -e /dev/fd/111111111111111111111111111111111111
*** buffer overflow detected ***: /bin/bash terminated

After the update,
$ test -e /dev/fd/111111111111111111111111111111111111
$ echo $?

I'll test Mageia 2 i586 shortly.

CC: (none) => davidwhodgins

Comment 6 Dave Hodgins 2012-07-25 21:42:02 CEST
Testing complete on Mageia 2 i586.

Whiteboard: MGA1TOO mga2-64-OK => MGA1TOO mga2-64-OK MGA1-32-OK MGA2-32-OK

Comment 7 Carolyn Rowse 2012-07-27 19:02:37 CEST
Tested on Mga 1 64-bit.

Before: crash message
After: same as in comment 5

Presumably that's OK,so I've added it to the whiteboard.


CC: (none) => isolde
Whiteboard: MGA1TOO mga2-64-OK MGA1-32-OK MGA2-32-OK => MGA1TOO mga2-64-OK MGA1-32-OK MGA2-32-OK MGA1-64-OK

Comment 8 claire robinson 2012-07-27 19:23:43 CEST
That's great Carolyn, thankyou.

This can be validated now, do you want to do it or shall I?
Comment 9 Carolyn Rowse 2012-07-27 20:28:57 CEST
Update validated on Mga1 and Mga2 both archs.

See comment 1 for advisory and SRPMs.

Could sysadmin please push from core/updates_testing to core/updates.

Thank you.


Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 10 Thomas Backlund 2012-07-29 22:38:33 CEST
Update pushed:

CC: (none) => tmb
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.