Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 416821 (CVE-2012-2329)

Summary: <dev-lang/php-5.4.3: Buffer overflow leading to DoS (CVE-2012-2329)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: php-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2329
Whiteboard: ~3 [noglsa]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2012-05-20 23:48:08 UTC 
CVE-2012-2329 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2329):
  Buffer overflow in the apache_request_headers function in
  sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to
  cause a denial of service (application crash) via a long string in the
  header of an HTTP request.


Please punt vulnerable versions. Thanks.
Comment 1 Ole Markus With (RETIRED) gentoo-dev 2012-05-21 09:32:04 UTC 
Removed in CVS now. Sorry for the delay
Comment 2 Sean Amoss (RETIRED) gentoo-dev Security 2012-05-21 10:55:18 UTC 
(In reply to comment #1)
> Removed in CVS now. Sorry for the delay

Thanks!

Closing noglsa for ~arch only (PHP 5.4.x).