Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC

Bug 626460 (CVE-2017-11362)

Summary: <dev-lang/php-{7.0.21, 7.1.7}: Stack-based buffer over-read in msgfmt_parse_message function
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: php-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1475373
Whiteboard: A3 [glsa cve]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2017-07-28 15:12:31 UTC
From ${URL} :

In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7,
ext/intl/msgformat/msgformat_parse.c does not restrict the locale
length, which allows remote attackers to cause a denial of service
(stack-based buffer overflow and application crash) or possibly have
unspecified other impact within International Components for Unicode
(ICU) for C/C++ via a long first argument to the msgfmt_parse_message
function.

Upstream bug:

https://bugs.php.net/bug.php?id=73473

Upstream patch:

http://git.php.net/?p=php-src.git;a=commit;h=95c4564f939c916538579ef63602a3cd31941c51


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Michael Orlitzky gentoo-dev 2017-07-29 11:37:33 UTC
Those versions are already being stabilized in bug 624052.
Comment 2 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-09-24 14:54:27 UTC
Added to a GLSA Request 

@Security please add cve to database

Gentoo Security Padawan
ChrisADR
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-09-24 19:03:23 UTC
This issue was resolved and addressed in
 GLSA 201709-21 at https://security.gentoo.org/glsa/201709-21
by GLSA coordinator Aaron Bauman (b-man).