Summary: | <dev-php/pecl-http-{2.5.6,3.0.1}: Buffer overflow in URL parsing (CVE-2016-5873) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | php-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
2016-06-29 06:59:58 UTC
dev-php/pecl-http-3.0.1 (in slot 7) and dev-php/pecl-http-2.5.6 (in slot 2) were added to the tree. It is unclear if the pecl-http-1.x (slot 0) is affected since that code base was abandoned and newer versions are basically a rewrite. The Proof of Concept file is gone from the PHP security bug so I am unable to test it. Just noticed the proof of concent file was put as a test in the new version. I cannot get dev-php/pecl-http-1.7.6-r3 to segfault with 5.5 and the provided file and adjusted script. gdb runs clean in my limited testing. @ Brian: OK. Thanks for testing. And now that PHP 5.5 is EOL and doesn't get sec fixes anymore it wouldn't really matter. @ Arches, please test and mark stable: =dev-php/pecl-http-2.5.6 Stable target(s): amd64 x86 As a reminder to arches, two dependencies must be stabled together with dev-php/pecl-http-2.5.6 Target keywords and packages: =dev-php/pecl-raphf-1.1.2 amd64 x86 =dev-php/pecl-propro-1.0.2 amd64 x86 =dev-php/pecl-http-2.5.6 amd64 x86 amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. The 1.x versions of pecl-http were slated for removal anyway, so I've cleaned them up, even if they aren't in fact vulnerable (comment #2). This issue was resolved and addressed in GLSA 201612-17 at https://security.gentoo.org/glsa/201612-17 by GLSA coordinator Aaron Bauman (b-man). |