9087 – dbus-glib new security issue CVE-2013-0292

Bug 9087 - dbus-glib new security issue CVE-2013-0292

Summary: dbus-glib new security issue CVE-2013-0292

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	2
Hardware:	i586 Linux

Priority:	Normal Severity: critical
Target Milestone:	---
Assignee:	QA Team
QA Contact:

URL:
Whiteboard:	has_procedure mga2-32-ok MGA2-64-OK
Keywords:	validated_update

Depends on:
Blocks:

Reported:	2013-02-16 18:23 CET by David Walser
Modified:	2013-02-17 01:59 CET (History)
CC List:	3 users (show)

See Also:
Source RPM:	dbus-glib-0.96-1.mga2.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2013-02-16 18:23:30 CET

dbus-glib 0.100.1 was released on February 15 to fix a security issue:
http://cgit.freedesktop.org/dbus/dbus-glib/commit/?id=166978a09cf5edff4028e670b6074215a4c75eca

Updated package uploaded for Cauldron.

Patched package uploaded for Mageia 2.

Patch checked into Mageia 1 SVN.

Advisory:
========================

Updated dbus-glib packages fix security vulnerability:

A privilege escalation flaw was found in the way dbus-glib, the D-Bus add-on
library to integrate the standard D-Bus library with the GLib thread
abstraction and main loop, performed filtering of the message sender (message
source subject), when the NameOwnerChanged signal was received. A local
attacker could use this flaw to escalate their privileges (CVE-2013-0292).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0292
https://bugzilla.redhat.com/show_bug.cgi?id=911658
========================

Updated packages in core/updates_testing:
========================
libdbus-glib1_2-0.96-1.1.mga2
libdbus-glib-0.96-1.1.mga2

from dbus-glib-0.96-1.1.mga2.src.rpm

Comment 1 claire robinson 2013-02-16 23:21:45 CET

Testing complete mga2 32

No PoC

Just checking for regressions in gtk apps that require it such as firefox

# urpmq --whatrequires libdbus-glib1_2

Shows a list

List of files in the lib package..
# urpmf libdbus-glib1_2
libdbus-glib1_2:/usr/lib/libdbus-glib-1.so.2
libdbus-glib1_2:/usr/lib/libdbus-glib-1.so.2.2.1


$ strace -e open firefox 2>&1 | grep libdbus-glib-1.so.2
open("/usr/lib/libdbus-glib-1.so.2", O_RDONLY) = 4

Showing firefox loading the library

Whiteboard: (none) => has_procedure mga2-32-ok

Comment 2 Dave Hodgins 2013-02-17 00:08:21 CET

Testing complete on Mageia 2 x86_64.

Could someone from the sysadmin team push the srpm
dbus-glib-0.96-1.1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: Updated dbus-glib packages fix security vulnerability:

A privilege escalation flaw was found in the way dbus-glib, the D-Bus add-on
library to integrate the standard D-Bus library with the GLib thread
abstraction and main loop, performed filtering of the message sender (message
source subject), when the NameOwnerChanged signal was received. A local
attacker could use this flaw to escalate their privileges (CVE-2013-0292).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0292
https://bugzilla.redhat.com/show_bug.cgi?id=911658

https://bugs.mageia.org/show_bug.cgi?id=9087

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs
Whiteboard: has_procedure mga2-32-ok => has_procedure mga2-32-ok MGA2-64-OK

Comment 3 Thomas Backlund 2013-02-17 01:59:34 CET

Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0057

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.