CVE-2019-19010 - Eval injection in the Math plugin

Bug #1852859 reported by Mattia Rizzolo on 2019-11-16
Affects: limnoria (Ubuntu) - Importance: Medium - Assigned to: Mattia Rizzolo
Affects: limnoria (Ubuntu Bionic) - Importance: Medium - Assigned to: Mattia Rizzolo

Bug Description

[ Impact ]

This is a security issue that allows a remote, unauthenticated attacker to obtain private information regarding the current process, and possibly remotely execute code.

[ Test Case ]

With this being a case of an eval() gone rogue, and since the eval() has now been removed, that is enough of a test case to ensure the bug is fixed.

[ Regression Potential ]

limnoria contains a very comprehensive test suite, including for the Math plugin, so the regression potential is minimal.

CVE References: CVE-2019-19010

Mattia Rizzolo (mapreri) on 2019-11-16
Changed in limnoria (Ubuntu Bionic):
assignee: nobody → Mattia Rizzolo (mapreri)
importance: Undecided → Medium
Mattia Rizzolo (mapreri) on 2019-11-16
Changed in limnoria (Ubuntu Bionic):
status: New → In Progress
Łukasz Zemczak (sil2100) wrote :

Since this is a security issue, maybe the security team would be interested in it? Assigning the security team for feedback. Even though this is a universe package, getting it into -security might still be a thing worth considering.

Mattia Rizzolo (mapreri) wrote :

However note that I already uploaded the fix to bionic-proposed.

Mattia Rizzolo (mapreri) wrote :

And as a data note, the Debian Security team considers this bug minor and not worthy of going through Debian's -security archive.

Hello Mattia, or anyone else affected,

Accepted limnoria into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/limnoria/2018.01.25-1ubuntu18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in limnoria (Ubuntu Bionic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-bionic