|Summary:||<perl-core/Compress-Raw-Zlib-2.020: Off-by-one (CVE-2009-1391)|
|Product:||Gentoo Security||Reporter:||Eray Aslan <eras>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Package list:||Runtime testing required:||---|
|Bug Depends on:||268615|
Description Eray Aslan 2009-06-08 05:50:03 UTC
perl-core/Compress-Raw-Zlib-2.015 (current stable) has a buffer overflow which was corrected in perl-core/Compress-Raw-Zlib-2.017. It results in hanged process during email checking. Examples were seen in the wild. Please check the above URL for the details. Please unmask and stabilize perl-core/Compress-Raw-Zlib-2.020 (latest release. currently hard masked) or at least anything >=perl-core/Compress-Raw-Zlib-2.017 Reproducible: Always
Comment 1 Torsten Veller (RETIRED) 2009-06-10 14:33:33 UTC
The versions are unmasked. If early stabilization is wanted, all of the following should be stabilized: =perl-core/IO-Compress-2.020 =perl-core/Compress-Raw-Zlib-2.020 =perl-core/Compress-Raw-Bzip2-2.020 =virtual/perl-IO-Compress-2.020 =virtual/perl-Compress-Raw-Zlib-2.020 =virtual/perl-Compress-Raw-Bzip2-2.020 =virtual/perl-Compress-Zlib-2.020 =virtual/perl-IO-Compress-Zlib-2.020 =virtual/perl-IO-Compress-Bzip2-2.020 =virtual/perl-IO-Compress-Base-2.020
Comment 3 Ferris McCormick (RETIRED) 2009-06-12 21:26:15 UTC
Sparc stable: Files=7, Tests=684, 11 wallclock secs ( 0.49 usr 0.06 sys + 9.61 cusr 0.29 csys = 10.45 CPU) Result: PASS
Comment 4 Jeroen Roovers (RETIRED) 2009-06-13 15:47:42 UTC
Stable for HPPA.
Comment 5 Raúl Porcel (RETIRED) 2009-06-14 10:18:24 UTC
Uh...i wonder why hppa and sparc ignored all the stabilizations on comment #1 :) I've fixed sparc. hppa: please also stabilize everything else. alpha/arm/ia64/m68k/s390/sh/sparc/x86 stable
Comment 6 Jeroen Roovers (RETIRED) 2009-06-14 14:57:33 UTC
(In reply to comment #5) > Uh...i wonder why hppa and sparc ignored all the stabilizations on comment #1 > :) I've fixed sparc. Because the bug's Summary is misleading, I guess. > hppa: please also stabilize everything else. Thanks for the hint.
Comment 7 Jeroen Roovers (RETIRED) 2009-06-14 16:20:32 UTC
Comment 8 Alex Legler (RETIRED) 2009-06-17 10:18:37 UTC
CVE-2009-1391 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1391): Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009.
Comment 9 Brent Baude (RETIRED) 2009-06-19 00:27:20 UTC
Comment 10 Torsten Veller (RETIRED) 2009-06-22 20:53:04 UTC
Comment 11 Torsten Veller (RETIRED) 2009-07-13 07:34:30 UTC
@ppc: Can you please process this bug.
Comment 12 nixnut (RETIRED) 2009-07-19 17:08:54 UTC
ppc stable. closing since we're last
Comment 13 Alex Legler (RETIRED) 2009-07-19 17:33:19 UTC
GLSA first. Request filed.
Comment 14 Alex Legler (RETIRED) 2009-08-18 21:41:21 UTC