Bug 8235 - weechat new security issue CVE-2012-5534
Summary: weechat new security issue CVE-2012-5534
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 2
Hardware: i586 Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL: http://lwn.net/Vulnerabilities/527363/
Whiteboard: MGA1TOO has_procedure mga1-32-OK mga1...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2012-11-28 19:29 CET by David Walser
Modified: 2012-11-30 23:20 CET (History)
3 users (show)

See Also:
Source RPM: weechat-0.3.6-3.1.mga2.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2012-11-28 19:29:31 CET 
OpenSuSE has issued an advisory today (November 28):
http://lists.opensuse.org/opensuse-updates/2012-11/msg00087.html

It fixes a new issue, CVE-2012-5534, which they have a patch for.

Upstream shows this as fixed in 0.3.9.2 (so Cauldron is affected).
http://www.weechat.org/security/
David Walser 2012-11-28 19:29:39 CET

Whiteboard: (none) => MGA2TOO

Comment 1 David Walser 2012-11-30 00:44:43 CET 
Fedora has issued an advisory for this on November 20:
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093495.html

The RedHat bug also has a link to the upstream change that fixes this:
https://bugzilla.redhat.com/show_bug.cgi?id=878025
Comment 3 David Walser 2012-11-30 14:20:20 CET 
Updated package uploaded for Cauldron by Funda.

Patched package uploaded for Mageia 1 and Mageia 2 by Funda.  Thanks Funda!

Advisory:
========================

Updated weechat packages fix security vulnerability:

Untrusted command for function hook_process in WeeChat before 0.3.9.2 could
lead to execution of commands, because of shell expansions (so the problem is
only caused by some scripts, not by WeeChat itself) (CVE-2012-5534).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5534
https://savannah.nongnu.org/bugs/?37764
http://www.weechat.org/security/
http://lists.opensuse.org/opensuse-updates/2012-11/msg00087.html
========================

Updated packages in core/updates_testing:
========================
weechat-0.3.0-1.1.mga1
weechat-perl-0.3.0-1.1.mga1
weechat-python-0.3.0-1.1.mga1
weechat-tcl-0.3.0-1.1.mga1
weechat-ruby-0.3.0-1.1.mga1
weechat-lua-0.3.0-1.1.mga1
weechat-charset-0.3.0-1.1.mga1
weechat-aspell-0.3.0-1.1.mga1
weechat-devel-0.3.0-1.1.mga1
weechat-0.3.6-3.2.mga2
weechat-perl-0.3.6-3.2.mga2
weechat-python-0.3.6-3.2.mga2
weechat-tcl-0.3.6-3.2.mga2
weechat-ruby-0.3.6-3.2.mga2
weechat-lua-0.3.6-3.2.mga2
weechat-charset-0.3.6-3.2.mga2
weechat-aspell-0.3.6-3.2.mga2
weechat-devel-0.3.6-3.2.mga2

from SRPMS:
weechat-0.3.0-1.1.mga1.src.rpm
weechat-0.3.6-3.2.mga2.src.rpm

CC: (none) => fundawang
Version: Cauldron => 2
Assignee: fundawang => qa-bugs
Whiteboard: MGA2TOO => MGA1TOO

Comment 4 claire robinson 2012-11-30 14:48:35 CET 
No PoC so just testing the basics

Procedure: https://bugs.mageia.org/show_bug.cgi?id=8044#c6

Whiteboard: MGA1TOO => MGA1TOO has_procedure

Comment 5 claire robinson 2012-11-30 16:12:34 CET 
Testing complete Mga1 32 & 64 and Mga2 64

Whiteboard: MGA1TOO has_procedure => MGA1TOO has_procedure mga1-32-OK mga1-64-OK mga2-64-OK

Comment 6 claire robinson 2012-11-30 16:39:23 CET 
Testing complete mga2 32

Validating

Advisory & srpms for Mageia 1 & 2 in comment 3

Could sysadmin please push from core/updates_testing to core/updates

Thanks!

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: MGA1TOO has_procedure mga1-32-OK mga1-64-OK mga2-64-OK => MGA1TOO has_procedure mga1-32-OK mga1-64-OK mga2-32-OK mga2-64-OK

Comment 7 Thomas Backlund 2012-11-30 23:20:06 CET 
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0347

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.