Summary: | <dev-lang/php-5.2.11-r1: Improper colorsTotal structure member verification (CVE-2009-3546) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Tobias Heinlein (RETIRED) <keytoaster> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | graphics+disabled, php-bugs, vapier | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://svn.php.net/viewvc?view=revision&revision=289557 | ||||||
Whiteboard: | B2 [glsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Bug Depends on: | 292130 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Tobias Heinlein (RETIRED)
2009-11-06 15:13:45 UTC
Maintainers, please provide a fixed ebuild. Created attachment 210125 [details, diff]
Fix for gd maxcolors bug
As i can see php herd lacks manpower to fix their bugs, so if noone is against i'll apply this patch and commit later today or tomorrow.
I talked to hoffie last weekend and he said that he wanted to fix it this week. He planned to add some further (non-security) patches for various crashes that can be found in upstream's SVN. I'm not sure if he has enough time to do it, and I think it wouldn't hurt to just commit it. Ok, i've just commited fixed ebuild. Sorry for hurry, but this is important to me. ;) Thanks. Arches, please test and mark stable: =dev-lang/php-5.2.11-r1 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" CVE-2009-3546 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3546): The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. amd64/x86 stable arm stable Stable for HPPA. ppc64 done alpha/ia64/s390/sh/sparc stable ppc stable GLSA 201001-03. Thank you everyone, sorry about the delay. |