658736 – www-servers/nginx-{1.14.0-r1,1.15.0-r2}: nginScript: heap buffer overflow in crypto.createHmac()

Bug 658736 - www-servers/nginx-{1.14.0-r1,1.15.0-r2}: nginScript: heap buffer overflow in crypto.createHmac()

Summary: www-servers/nginx-{1.14.0-r1,1.15.0-r2}: nginScript: heap buffer overflow in ...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial
Assignee:	Gentoo Security

URL:	https://nginx.org/en/docs/njs/njs_cha...
Whiteboard:	~1 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2018-06-22 09:59 UTC by Thomas Deutschmann (RETIRED)
Modified:	2018-06-22 20:33 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Deutschmann (RETIRED) gentoo-dev

2018-06-22 09:59:32 UTC

From njs changelog:

> Core:
> 
>   Bugfix: fixed heap-buffer-overflow in crypto.createHmac().

Upstream patch: https://hg.nginx.org/njs/rev/e99e0a7f4fae

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2018-06-22 10:00:30 UTC

Doesn't affect any stable ebuild.

Comment 2 Larry the Git Cow gentoo-dev

2018-06-22 10:37:00 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=27da4cba0ea86c7d562152c0df33c7315e8c8d06

commit 27da4cba0ea86c7d562152c0df33c7315e8c8d06
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-06-22 10:36:32 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-06-22 10:36:51 +0000

    www-servers/nginx: security cleanup
    
    Bug: https://bugs.gentoo.org/658736
    Package-Manager: Portage-2.3.40, Repoman-2.3.9

 www-servers/nginx/Manifest                         |    5 -
 ...1.15-allow-compilation-without-HTTP-cache.patch |   42 -
 www-servers/nginx/nginx-1.13.12-r1.ebuild          | 1064 --------------------
 3 files changed, 1111 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c0aeb860d0f7c3af255abb9705bdfab7c8247d5

commit 8c0aeb860d0f7c3af255abb9705bdfab7c8247d5
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-06-22 10:35:31 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-06-22 10:36:50 +0000

    www-servers/nginx: rev bump
    
    - stable slot synchronized with changes from mainline slot:
    
      - This will add geoip2 support (introduced via commit c020ffdab8)
    
      - Bump some 3rd party modules (see commit 9484e13a for details)
    
    - HTTP VHost Traffic Status module bumped to v0.1.17
    
    - nginScript module bumped to v0.2.2 [Bug 658736]
    
    - brotli module bumped to v0.1.2
    
    Bug: https://bugs.gentoo.org/658736
    Package-Manager: Portage-2.3.40, Repoman-2.3.9

 www-servers/nginx/Manifest                         |  5 ++--
 ...{nginx-1.14.0.ebuild => nginx-1.14.0-r1.ebuild} | 33 ++++++++++++++++------
 ...inx-1.15.0-r1.ebuild => nginx-1.15.0-r2.ebuild} | 16 ++++-------
 3 files changed, 32 insertions(+), 22 deletions(-)

Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev

2018-06-22 20:33:59 UTC

Repository is clean, all done.