Bug 610845 (CVE-2010-2490)
| Summary: | CVE-2010-2490 Mumble: Remotely exploitable DoS (murmur server termination) due QueryUsers Qt SQLite database bug | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | j.golderer, jreznik, s.adam, th0br0, than, vdanen |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-06-08 13:07:22 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 691545 | ||
| Bug Blocks: | |||
|
Description
Jan Lieskovsky
2010-07-02 15:06:42 UTC
This is the commit that was used by Debian to fix the flaw: https://github.com/mumble-voip/mumble/commit/6b33dda344f89e5a039b7d79eb43925040654242 The problem seems to be related to long usernames and the LIKE statement; the upstream commit message is: "Don't crash on long usernames" and the corresponding Debian changelog entry is: mumble (1.2.2-4) unstable; urgency=high * Fix failure with SQLite with very long 'like' matches. Closes: #587713 This would affect all of the versions of mumble we are shipping. Created mumble tracking bugs for this issue Affects: fedora-all [bug 691545] Will have the fix out by tue / wed evening, thereby updating to 1.2.3 Mh. Why didn't I see the report back in July. Not sure why you didn't see it back then, but thank you for looking after it now. You're welcome. Mumble's been a bit neglected by me as I'm still waiting for this review #641572 But I guess I'll just make it a subpackage or so given that mumble is the sole package needing it and we need that security fix now. I have packaged mumble 1.2.3 locally. I am still awaiting the celt071 review which I was told will definitely happen this weekend. Once that package is reviewed, I will push the update -- unless you'd like me to push the upgrade first and then push the next update with the celt071 dependency. If it happens this week, waiting for that review is fine. This issue is pretty old, so waiting another few days or week isn't going to be a big problem. Any updates on this? Yes, I'm going to catch up on this work today. Sorry, this last part of school has, once again, proven more work-intensive than expected. Going to push the update later today. Yes, I'm going to catch up on this work today. Sorry, this last part of school has, once again, proven more work-intensive than expected. Going to push the update later today. The CVE identifier of CVE-2010-2490 has been assigned to this issue: http://www.openwall.com/lists/oss-security/2010/07/02/11 Mumble 1.2.3 has reached stable by now. Seems like I forgot these two bugs in the bodhi update. Closing. (In reply to comment #13) > Mumble 1.2.3 has reached stable by now. > Seems like I forgot these two bugs in the bodhi update. > > Closing. Thanks Andreas, will mention the relevant updates yet and change the resolution of this bug to errata. This issue has been addressed in the following updates: 1) mumble-1.2.3-2.fc15 for Fedora-15: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060747.html 2) mumble-1.2.3-2.fc14 for Fedora-14: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061217.html |