Description:
A vulnerability has been reported in mod_perl, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a regular expression in "RegistryCooker.pm" (mod_perl 2.x) or "PerlRun.pm" (mod_perl 1.x) that uses the "path_info" variable without properly escaping it. This can be exploited to cause a DoS by sending requests with specially crafted URLs to a vulnerable server.
Solution:
Fixed in the SVN repository.
Provided and/or discovered by:
Alex Solovey
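The escaping problem the advisory describes, as an added Perl illustration (not the mod_perl source and not part of the original report). The function names and the sample URIs are constructed for the example; it compares interpolating path_info into a pattern as-is with quoting it through \Q...\E.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Unescaped form: $path_info is compiled as part of the pattern, so any
# regex metacharacters that arrived in the URL are interpreted by the engine.
sub strip_unescaped {
    my ($uri, $path_info) = @_;
    (my $script = $uri) =~ s/$path_info$//;
    return $script;
}

# Escaped form: \Q...\E (quotemeta) makes the engine treat the value as a
# literal string, whatever characters it contains.
sub strip_escaped {
    my ($uri, $path_info) = @_;
    (my $script = $uri) =~ s/\Q$path_info\E$//;
    return $script;
}

# Constructed sample requests: [ full URI, path_info portion ].
my @samples = (
    [ '/perl/app.pl/user/42', '/user/42' ],   # no metacharacters
    [ '/perl/app.pl/a+b',     '/a+b'     ],   # '+' is read as a quantifier
    [ '/perl/app.pl/a(b',     '/a(b'     ],   # unbalanced '(' in the pattern
);

for my $sample (@samples) {
    my ($uri, $path_info) = @$sample;

    # The unescaped form can die at request time when the pattern does not
    # compile, so trap the error and report its first line.
    my $old = eval { strip_unescaped($uri, $path_info) };
    $old = 'error: ' . (split /\n/, $@)[0] unless defined $old;

    my $new = strip_escaped($uri, $path_info);

    print "uri:       $uri\n";
    print "unescaped: $old\n";
    print "escaped:   $new\n\n";
}
```

The escaped form yields /perl/app.pl for all three samples; the unescaped form does so only for the first, leaves the second URI unstripped, and raises a regex compilation error on the third.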
perl please advise.
looking into it.
1.30 added, which covers CVE-2007-1349. Also posted a patched (and bumped) 2.0.3.
Thx Micheal. Arches please test and mark stable. Target keywords are:
mod_perl-1.30.ebuild:KEYWORDS="alpha amd64 ia64 ppc ppc64 sparc x86"
mod_perl-2.0.3-r1.ebuild:KEYWORDS="alpha amd64 ia64 ppc ppc64 sparc x86"
Created attachment 115011
error_log
Perl team:
version 1.30:
dodoc: ToDo does not exist
chmod: cannot access `/var/tmp/portage/www-apache/mod_perl-1.30/image//etc/apache/modules.d/75_mod_perl': No such file or directory
x86 stable on this though test suite version 2.0.3-r1 fails, see attached log
ppc64 stable
ppc stable
sparc stable.
ia64 stable
alpha stable
www-apache/mod_perl-2.0.3-r1
1. emerges on x86
2. fails the test suite:
t/directive/perldo......................FAILED tests 18-22
        Failed 5/22 tests, 77.27% okay
t/modules/include.......................# Failed test 1 in t/modules/include.t at line 26
# Failed test 3 in t/modules/include.t at line 33
# Failed test 4 in t/modules/include.t at line 33 fail #2
# Failed test 5 in t/modules/include.t at line 33 fail #3
# Failed test 6 in t/modules/include.t at line 33 fail #4
FAILED tests 1, 3-6
        Failed 5/6 tests, 16.67% okay
Failed 2/236 test scripts. 10/2393 subtests failed.
3. but passes collision test
x86 stable as ian told me to ignore failing test suite for now
MIPS: Can you please keyword 1.30 so that we can remove the vulnerable versions later on?
amd64 all set
Alpha, amd64: Please don't forget about mod_perl-1.30.
(In reply to comment #5)
> Created an attachment (id=115011)
> error_log
>
> Perl team:
>
> version 1.30:
> dodoc: ToDo does not exist
> chmod: cannot access
> `/var/tmp/portage/www-apache/mod_perl-1.30/image//etc/apache/modules.d/75_mod_perl':
> No such file or directory
fixed :)
(In reply to comment #15)
> Alpha, amd64: Please don't forget about mod_perl-1.30.
all set on amd64 for 1.30 as well now
(In reply to comment #15)
> Alpha, amd64: Please don't forget about mod_perl-1.30.
Ouch! now done. Thanks.
This one is ready for GLSA decision. I tend to vote YES.
tend to vote yes
filing a GLSA request
GLSA 200705-04