| Summary: | <dev-lang/php-{5.4.17,5.3.27} : DoS (memory exhaustion, application crash) via crafted function definition (CVE-2013-3735) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | php-bugs |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=969996 | ||
| Whiteboard: | A3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 472558 | ||
| Bug Blocks: | |||
Will be stabilised as part of bug 472558. Removed the vulnerable rcs Added to GLSA request. This issue was resolved and addressed in GLSA 201408-11 at http://security.gentoo.org/glsa/glsa-201408-11.xml by GLSA coordinator Kristian Fiskerstrand (K_F). This issue was resolved and addressed in GLSA 201408-11 at http://security.gentoo.org/glsa/glsa-201408-11.xml by GLSA coordinator Kristian Fiskerstrand (K_F). |
From ${URL} : Common Vulnerabilities and Exposures assigned an identifier CVE-2013-3735 to the following vulnerability: ** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted function definition, as demonstrated by an attack within a shared web-hosting environment. NOTE: the vendor's http://php.net/security-note.php page says "for critical security situations you should be using OS-level security by running multiple web servers each as their own user id." References: [1] https://bugs.php.net/bug.php?id=64660 [2] https://github.com/php/php-src/blob/php-5.4.16RC1/NEWS [3] https://github.com/php/php-src/blob/php-5.5.0RC2/NEWS [4] https://github.com/php/php-src/commit/fb58e69a84f4fde603a630d2c9df2fa3be16d846 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.