Summary: | <dev-lang/php-{5.3.28,5.4.23,5.5.7}: heap-based buffer over-read in DateInterval (CVE-2013-6712) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | php-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1035670 | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 494240 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2013-11-28 11:19:54 UTC
It is ready. Go ahead.

(In reply to Ole Markus With from comment #1)
> It is ready. Go ahead.

What about the previous series? (5.4-5.3)

(In reply to Agostino Sarubbo from comment #2)
> (In reply to Ole Markus With from comment #1)
> > It is ready. Go ahead.
>
> What about the previous series? (5.4-5.3)

5.4 should have a fix already. 5.3 is affected, but does not have a release with a fix.

CVE-2013-6712 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6712): The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.

Are we ready for stabilization on all trees affected for this?

(In reply to Yury German from comment #5)
> Are we ready for stabilization on all trees affected for this?

Sure. Also, a fix for 5.3 has been released and is available in the tree.

Arches, please test and mark stable:
=dev-lang/php-5.3.28
=dev-lang/php-5.4.23
=dev-lang/php-5.5.7
Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 spark x86"

amd64 stable

x86 stable

ppc stable

ppc64 stable

sparc stable

(In reply to Agostino Sarubbo from comment #8)
> amd64 stable

What combination of USE flags allowed you to work around bug #494240?

arm stable

alpha stable

Bug 494240 prevented certain people from merging php-5.3.28. I committed a revbump that fixes this issue. If we could have this version stabilized, that would be much appreciated.

(In reply to Ole Markus With from comment #16)
> Bug 494240 prevented certain people from merging php-5.3.28. I committed a
> revbump that fixes this issue. If we could have this version stabilized, that
> would be much appreciated.

You'll need to add the arch aliases back, then. CC'ing ago had no effect.

Stable for HPPA.

ia64 stable.

Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.

(In reply to Ole Markus With from comment #16)
> Bug 494240 prevented certain people from merging php-5.3.28. I committed a
> revbump that fixes this issue. If we could have this version stabilized, that
> would be much appreciated.

amd64 stable on that

Added to existing GLSA draft. Maintainer(s), please drop the vulnerable version(s).

Arches and Maintainer(s), Thank you for your work.

This issue was resolved and addressed in GLSA 201408-11 at http://security.gentoo.org/glsa/glsa-201408-11.xml by GLSA coordinator Kristian Fiskerstrand (K_F).