|Summary:||dev-php5/pecl-zip ZipArchive::extractTo directory traversal (CVE-2008-5658)|
|Product:||Gentoo Security||Reporter:||Christian Hoffmann (RETIRED) <hoffie>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
Description Christian Hoffmann (RETIRED) 2009-04-11 12:07:40 UTC
pecl-zip has been providing zip support for php, and with some version of php (5.2? doesn't matter) it became part of PHP itself and ships with it (ext/zip in the source). This is enabled with USE=zip when building php. Several security issues have been reported against PHP with zip support, so pecl-zip is probably also affected, but it has never seen any fixes (last upstream release is from 2007). We should verify and probably remove pecl-zip.
Comment 1 Robert Buchholz (RETIRED) 2009-04-12 17:11:08 UTC
Confirmed this is vulnerable to CVE-2008-5658. If you do not want to maintain the unbundled zip module, then please mask and remove.
Comment 2 Christian Hoffmann (RETIRED) 2009-04-12 19:34:37 UTC
Masked and will be removed.

# Christian Hoffmann <email@example.com> (12 Apr 2009)
# Masked for security (bug 265756), unmaintained upstream (last release
# two years ago), will be removed in 30 days. Use dev-lang/php with
# USE=zip as a replacement, which is actively maintained and has more
# features.
dev-php5/pecl-zip
Comment 3 Jaak Ristioja 2010-07-23 08:38:03 UTC
(In reply to comment #2)
> Masked and will be removed.

And was removed.
Comment 4 Matti Bickel (RETIRED) 2010-12-19 15:15:18 UTC
noglsa? and closing?
Comment 5 Stefan Behte (RETIRED) 2010-12-26 02:27:52 UTC