Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 281955 (CVE-2009-1884)

Summary: <perl-core/Compress-Raw-Bzip2-2.020: Off-by-one buffer overflow (CVE-2009-1884)
Product: Gentoo Security Reporter: Robert Buchholz (RETIRED) <rbu>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: perl
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://search.cpan.org/diff?from=Compress-Raw-Bzip2-2.017&to=Compress-Raw-Bzip2-2.019&w=1
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 273141    
Bug Blocks:    
Attachments:
Description Flags
CVE-2009-1884.patch none

Description Robert Buchholz (RETIRED) gentoo-dev 2009-08-18 19:17:57 UTC
(based on an email by Niko Tyni of Debian)

CVE-2009-1884:
  Paul Marquess <Paul.Marquess@ntlworld.com>, the upstream author of
  Compress-Raw-{Zlib,Bzip2}, reported that Compress-Raw-Bzip2 has an
  identical off-by-one buffer overflow as Compress-Raw-Zlib (CVE-2009-1391).

The bug was fixed upstream in 2.018, patch is attached for reference.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2009-08-18 19:18:38 UTC
Created attachment 201642 [details, diff]
CVE-2009-1884.patch
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2009-08-18 19:19:08 UTC
=perl-core/Compress-Raw-Bzip2-2.020 is stable, so this is glsa-ready.
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-08-18 21:41:26 UTC
GLSA 200908-07
Comment 4 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-08-19 22:11:05 UTC
CVE-2009-1884 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1884):
  Off-by-one error in the bzinflate function in Bzip2.xs in the
  Compress-Raw-Bzip2 module before 2.018 for Perl allows
  context-dependent attackers to cause a denial of service (application
  hang or crash) via a crafted bzip2 compressed stream that triggers a
  buffer overflow, a related issue to CVE-2009-1391.