| Summary: | <dev-cpp/yaml-cpp-0.6.3-r2: DoS (assertion failure and application exit) via a '!2' string | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | johu |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://www.secnews24.com/2017/07/30/cve-2017-11692-the-function-token-scannerpeek-in-scanner-cpp-in-yaml-cpp-0-5-3-and-earlier-allows-re/ | | |
| Whiteboard: | B3 [glsa+ cve] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | 713464 | | |
| Bug Blocks: | | | |

Description
Christopher Díaz Riveros (RETIRED)
2017-07-30 20:14:23 UTC
The GitHub issue report is here https://github.com/jbeder/yaml-cpp/issues/519, for future reference.

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

Red Hat states they will not fix: https://access.redhat.com/security/cve/cve-2017-11692

Maintainers, please take a look and provide your opinion. This has been around for a while and we need to decide what to do with it.

Upstream seems not to care. If no reverse dep would be there I would last rite it. On the other hand it is a minor issue.

(In reply to Johannes Huber from comment #3)
> Upstream seems not to care. If no reverse dep would be there I would last
> rite it. On the other hand it is a minor issue.

Patch: https://github.com/jbeder/yaml-cpp/commit/c9460110e072df84b7dee3eb651f2ec5df75fb18

@maintainer(s): ok to create a new ebuild with this?

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f506b95e837aebf001b41ed1bcd19bda82d3ee47

commit f506b95e837aebf001b41ed1bcd19bda82d3ee47
Author: Johannes Huber <johu@gentoo.org>
AuthorDate: 2020-03-20 11:35:37 +0000
Commit: Johannes Huber <johu@gentoo.org>
CommitDate: 2020-03-20 11:36:48 +0000

dev-cpp/yaml-cpp: Fix CVE-2017-11692

Bug: https://bugs.gentoo.org/626662
Thanks-to: sam_c (Security Padawan) <sam@cmpct.info>
Package-Manager: Portage-2.3.94, Repoman-2.3.21
Signed-off-by: Johannes Huber <johu@gentoo.org>

.../files/yaml-cpp-0.6.3-CVE-2017-11692.patch | 44 ++++++++++++++++++++
dev-cpp/yaml-cpp/yaml-cpp-0.6.3-r2.ebuild | 48 ++++++++++++++++++++++
2 files changed, 92 insertions(+)

Unable to check for sanity:
> dependent bug #713464 is missing keywords

Resetting sanity check; package list is empty or all packages are done.

@maintainer(s), please clean up

GLSA vote: yes

This issue was resolved and addressed in GLSA 202007-14 at https://security.gentoo.org/glsa/202007-14 by GLSA coordinator Sam James (sam_c).

(In reply to GLSAMaker/CVETool Bot from comment #10)
> This issue was resolved and addressed in
> GLSA 202007-14 at https://security.gentoo.org/glsa/202007-14
> by GLSA coordinator Sam James (sam_c).

Reopening for cleanup.

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=df25aa0798f692e44a99922e9a27d013fafc0bd7

commit df25aa0798f692e44a99922e9a27d013fafc0bd7
Author: John Helmert III <jchelmert3@posteo.net>
AuthorDate: 2020-07-19 22:32:55 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2020-07-27 02:18:14 +0000

dev-cpp/yaml-cpp: Cleanup <0.6.3-r2

Bug: https://bugs.gentoo.org/626662
Package-Manager: Portage-3.0.0, Repoman-2.3.23
Signed-off-by: John Helmert III <jchelmert3@posteo.net>
Closes: https://github.com/gentoo/gentoo/pull/16622
Signed-off-by: Sam James <sam@gentoo.org>

dev-cpp/yaml-cpp/Manifest | 1 -
.../files/yaml-cpp-0.6.2-CVE-2017-5950.patch | 45 --------------
.../files/yaml-cpp-0.6.2-unbundle-gtest.patch | 70 ----------------------
dev-cpp/yaml-cpp/yaml-cpp-0.6.2.ebuild | 42 -------------
dev-cpp/yaml-cpp/yaml-cpp-0.6.3-r1.ebuild | 45 --------------
5 files changed, 203 deletions(-)