| Summary: | <dev-lang/php-5.3.14: integer overflow in phar, des crypt vulnerability (CVE-2012-{2143,2386,3450}) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | php-bugs |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://secunia.com/advisories/44335 | ||
| Whiteboard: | B2 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Hanno Böck
2012-06-16 21:13:33 UTC
Thanks, Hanno. @php, ok to stabilize 5.3.14? Please go ahead Arches, please test and mark stable: =dev-lang/php-5.3.14 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" x86 stable amd64 stable Stable for HPPA. arm stable alpha/ia64/s390/sh/sparc stable ppc done CVE-2012-2386 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2386): Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow. ppc64 will continue in bug 427354 CVE-2012-3450 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3450): pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value. Thanks, everyone. Adding to existing GLSA request. This issue was resolved and addressed in GLSA 201209-03 at http://security.gentoo.org/glsa/glsa-201209-03.xml by GLSA coordinator Sean Amoss (ackle). |
