Ubuntu has issued an advisory on April 20, 2011: http://www.ubuntu.com/usn/usn-1118-1/ Patched package uploaded for Mageia 1, Mageia 2, and Cauldron. Advisory: ======================== Updated openslp packages fix security vulnerability: The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension (CVE-2010-3609). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609 http://www.ubuntu.com/usn/usn-1118-1/ ======================== Updated packages in core/updates_testing: ======================== openslp-1.2.1-11.1.mga1 libopenslp1-1.2.1-11.1.mga1 libopenslp1-devel-1.2.1-11.1.mga1 openslp-1.2.1-11.1.mga2 libopenslp1-1.2.1-11.1.mga2 libopenslp1-devel-1.2.1-11.1.mga2 from SRPMS: openslp-1.2.1-11.1.mga1.src.rpm openslp-1.2.1-11.1.mga2.src.rpm
Whiteboard: (none) => MGA1TOO
Testing complete on Mageia 1 i586 and x86-64. No poc, so just testing that the program works. Note: the /etc/hosts file must not contain an entry for $(hostname) with 127.0.0.1. Either comment out the line, and use a dns server, or put the nic ip in the hosts file. On 192.168.10.103, I have Mageia 1 i586. On 192.168.10.105, I have Mageia 1 x86-64. Both have the slpd service running. On i586 ... # slptool findsrvs service:service-agent service:service-agent://192.168.10.105,65535 service:service-agent://192.168.10.103,65535 On x86-64 ... # slptool findsrvs service:service-agent service:service-agent://192.168.10.105,65535 service:service-agent://192.168.10.103,65535 I'll test Mageia 2 shortly.
CC: (none) => davidwhodginsWhiteboard: MGA1TOO => MGA1TOO MGA1-32-OK MGA1-64-OK has_procedure
Testing complete on Mageia 2 i586 and x86-64. On Mageia 2 i586 ... [root@i2v ~]# slptool findsrvs service:service-agent service:service-agent://192.168.10.104,65535 service:service-agent://192.168.10.105,65535 service:service-agent://192.168.10.103,65535 service:service-agent://192.168.10.106,65535 And on Mageia 2 x86-64 ... [root@x2v ~]# slptool findsrvs service:service-agent service:service-agent://192.168.10.105,65535 service:service-agent://192.168.10.103,65535 service:service-agent://192.168.10.106,65535 service:service-agent://192.168.10.104,65535 Could someone from the sysadmin team push the srpm openslp-1.2.1-11.1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm openslp-1.2.1-11.1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates. Advisory: Updated openslp packages fix security vulnerability: The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension (CVE-2010-3609). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609 http://www.ubuntu.com/usn/usn-1118-1/ https://bugs.mageia.org/show_bug.cgi?id=7081
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: MGA1TOO MGA1-32-OK MGA1-64-OK has_procedure => MGA1TOO MGA1-32-OK MGA1-64-OK has_procedure MGA2-32-OK MGA2-64-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0227
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED