Bug 1319731 (CVE-2012-6702)

Summary: CVE-2012-6702 expat: Using XML_Parse before rand() results into non-random output
Product: [Other] Security Response Reporter: Adam Mariš <amaris>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: apintea, besser82, bkundal, bmaxwell, caillon, cdewolf, chazlett, cschalle, csutherl, darran.lofthouse, dimitris, dosoudil, erik-fedora, fgavrilo, gecko-bugs-nobody, gzaronik, jawilson, jclere, jhorak, jondruse, jorton, lgao, lupinix.fedora, mbabacek, mizdebsk, mturk, myarboro, pgier, pjurak, ppalaga, psakar, pslavice, rjones, rmeggins, rnetuka, rstancel, rsvoboda, slawomir, stransky, twalsh, vtunka, weli
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-07-05 21:35:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1197087, 1319732, 1319733, 1319734, 1319735, 1319736    
Bug Blocks: 1296104, 1319739    
Attachments:
Description Flags
Proposed upstream patch none

Description Adam Mariš 2016-03-21 11:55:54 UTC
It was found that when calling XML_Parse ahead of rand(), it causes the pseudo random generator to generate non-random predictable numbers.

Product bug:

https://bugzilla.redhat.com/show_bug.cgi?id=1197087

Comment 1 Adam Mariš 2016-03-21 11:56:47 UTC
Created compat-expat1 tracking bugs for this issue:

Affects: fedora-all [bug 1319733]

Comment 2 Adam Mariš 2016-03-21 11:56:56 UTC
Created expat tracking bugs for this issue:

Affects: fedora-all [bug 1319732]

Comment 3 Adam Mariš 2016-03-21 11:57:03 UTC
Created mingw-expat tracking bugs for this issue:

Affects: fedora-all [bug 1319734]
Affects: epel-7 [bug 1319736]

Comment 4 Adam Mariš 2016-03-21 11:57:10 UTC
Created expat21 tracking bugs for this issue:

Affects: epel-all [bug 1319735]

Comment 5 Andrej Nemec 2016-06-06 07:50:05 UTC
CVE assignment:

http://seclists.org/oss-sec/2016/q2/469

Comment 6 Adam Mariš 2016-06-06 13:19:40 UTC
Created attachment 1165212 [details]
Proposed upstream patch