814821 – (CVE-2021-21706) dev-lang/php: ZipArchive::extractTo directory traversal (CVE-2021-21706)

Bug 814821 (CVE-2021-21706) - dev-lang/php: ZipArchive::extractTo directory traversal (CVE-2021-21706)

Summary: dev-lang/php: ZipArchive::extractTo directory traversal (CVE-2021-21706)

Status:	RESOLVED INVALID

Alias:	CVE-2021-21706

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:	https://bugs.php.net/bug.php?id=81420
Whiteboard:	B4 [ebuild]
Keywords:

Depends on:
Blocks:

Reported:	2021-09-25 16:10 UTC by John Helmert III
Modified:	2021-09-25 23:44 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2021-09-25 16:10:13 UTC

See URL for details, seems like this is only fixed in 7.3.31. Are the other branches vulnerable?

Comment 1 Brian Evans (RETIRED) gentoo-dev

2021-09-25 22:38:24 UTC

(In reply to John Helmert III from comment #0)
> See URL for details, seems like this is only fixed in 7.3.31. Are the other
> branches vulnerable?

As per the upstream bug, only affects Windows. 

Other branches include the fix as per their ChangeLogs[1][2].

[1] https://www.php.net/ChangeLog-7.php#7.4.24
[2] https://www.php.net/ChangeLog-8.php#8.0.11

Comment 2 John Helmert III archtester

2021-09-25 23:39:15 UTC

(In reply to Brian Evans from comment #1)
> (In reply to John Helmert III from comment #0)
> > See URL for details, seems like this is only fixed in 7.3.31. Are the other
> > branches vulnerable?
> 
> As per the upstream bug, only affects Windows. 

Sorry, missed that bit!

Comment 3 Larry the Git Cow gentoo-dev

2021-09-25 23:44:50 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b1cebb0fa0a2b28fd35ee764ffc26cb0a26d2154

commit b1cebb0fa0a2b28fd35ee764ffc26cb0a26d2154
Author:     Brian Evans <grknight@gentoo.org>
AuthorDate: 2021-09-25 23:43:43 +0000
Commit:     Brian Evans <grknight@gentoo.org>
CommitDate: 2021-09-25 23:44:46 +0000

    dev-lang/php: Version bump for 8.0.11
    
    Bug: https://bugs.gentoo.org/814821
    Signed-off-by: Brian Evans <grknight@gentoo.org>

 dev-lang/php/Manifest          |   1 +
 dev-lang/php/php-8.0.11.ebuild | 749 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 750 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9f6e35dba3f527d0467dbaf19015a5d92bb66447

commit 9f6e35dba3f527d0467dbaf19015a5d92bb66447
Author:     Brian Evans <grknight@gentoo.org>
AuthorDate: 2021-09-25 23:24:46 +0000
Commit:     Brian Evans <grknight@gentoo.org>
CommitDate: 2021-09-25 23:44:46 +0000

    dev-lang/php: Version bump for 7.4.24
    
    Bug: https://bugs.gentoo.org/814821
    Signed-off-by: Brian Evans <grknight@gentoo.org>

 dev-lang/php/Manifest          |   1 +
 dev-lang/php/php-7.4.24.ebuild | 750 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 751 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e5d83b155fdc25fece6a3bf38f2092e189f88da9

commit e5d83b155fdc25fece6a3bf38f2092e189f88da9
Author:     Brian Evans <grknight@gentoo.org>
AuthorDate: 2021-09-25 23:08:03 +0000
Commit:     Brian Evans <grknight@gentoo.org>
CommitDate: 2021-09-25 23:44:45 +0000

    dev-lang/php: Version bump for 7.3.31
    
    Bug: https://bugs.gentoo.org/814821
    Signed-off-by: Brian Evans <grknight@gentoo.org>

 dev-lang/php/Manifest          |   1 +
 dev-lang/php/php-7.3.31.ebuild | 758 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 759 insertions(+)