Title
MGASA-2018-0025 -- security update for libplist, gvfs, ifuse, kodi, libgpod, libimobiledevice, upower, usbmuxd
Description
The base64decode function in libplist allowed attackers to obtain
sensitive information from process memory or cause a denial of
service (buffer over-read) via split encoded Apple Property List data
(CVE-2017-5209).
The main function in plistutil.c in libimobiledevice libplist allowed
attackers to obtain sensitive information from process memory or cause a
denial of service (buffer over-read) via Apple Property List data that is
too short (CVE-2017-5545).
A heap-buffer overflow in parse_dict_node could cause a segmentation fault
(CVE-2017-5834).
Malicious crafted file could cause libplist to allocate large amounts of
memory and consume lots of CPU because of a memory allocation error
(CVE-2017-5835).
A type inconsistency in bplist.c could cause the application to crash
(CVE-2017-5836).
Crafted plist file could lead to Heap-buffer overflow (CVE-2017-6435).
Integer overflow in parse_string_node (CVE-2017-6436).
The base64encode function in base64.c allows local users to cause denial
of service (out-of-bounds read) via a crafted plist file (CVE-2017-6437).
Heap-based buffer overflow in the parse_unicode_node function
(CVE-2017-6438).
Heap-based buffer overflow in the parse_string_node function
(CVE-2017-6439).
Ensure that sanity checks work on 32-bit platforms (CVE-2017-6440).
Add some safety checks, backported from upstream (CVE-2017-7982).
The gvfs, ifuse, kodi, libgpod, libimobiledevice, upower, and usbmuxd
packages have been rebuilt for the updated libplist.