Summary: | <dev-lang/php-{5.6.40-r7,7.1.33,7.2.24,7.3.11}: env_path_info underflow in fpm_main (CVE-2019-11043) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | hydrapolic, php-bugs |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugs.php.net/bug.php?id=78599 | ||
Whiteboard: | B1 [glsa cve] | ||
Package list: |
dev-lang/php-7.1.33
dev-lang/php-7.2.24
dev-lang/php-7.3.11
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2019-10-24 13:40:16 UTC
In certain php-fpm configurations, a underflow in env_path_info() from fpm_main.c could lead to RCE. See $URL for details. since this issue impact nextCloud and probably ownCloud instances, can we get to making it stable? [note, working properly on amd64, unmasked] The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1a96c94f084d79006c5e245bd870acb362c1a4dc commit 1a96c94f084d79006c5e245bd870acb362c1a4dc Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-10-24 23:35:14 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-10-24 23:35:27 +0000 dev-libs/oniguruma: security cleanup Bug: https://bugs.gentoo.org/698452 Package-Manager: Portage-2.3.78, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> dev-libs/oniguruma/oniguruma-6.9.3-r1.ebuild | 34 ---------------------------- 1 file changed, 34 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aff9ca0ff462c2583d1b6fb02aa6866f0d1946fa commit aff9ca0ff462c2583d1b6fb02aa6866f0d1946fa Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-10-24 23:34:40 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-10-24 23:35:26 +0000 dev-libs/oniguruma: move stable keywords Bug: https://bugs.gentoo.org/698452 Package-Manager: Portage-2.3.78, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> dev-libs/oniguruma/oniguruma-6.9.3-r2.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) amd64 stable This issue was resolved and addressed in GLSA 201910-01 at https://security.gentoo.org/glsa/201910-01 by GLSA coordinator Thomas Deutschmann (whissi). Re-opening for remaining architectures. x86 stable ppc stable ppc64 stable sparc stable hppa stable arm stable Please correct the GLSA as PHP 5 series is not affected. (In reply to Tomek L from comment #13) > Please correct the GLSA as PHP 5 series is not affected. Php 5 is EOL and should not be used. PHP 5 _is_ affected -- GLSA is correct. There's a backport https://github.com/microsoft/php-src/commit/c69bcb212b37900fd61daaf38762e4974cb4dcc9 ... but I don't think Gentoo will do another PHP 5 release. It's scheduled for removal. arm64 stable ia64 stable. Maintainer(s), please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3bb9c52d57dd7694ae6695b844d3bb16fb1bc733 commit 3bb9c52d57dd7694ae6695b844d3bb16fb1bc733 Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2019-11-14 19:50:29 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2019-11-14 19:50:29 +0000 dev-lang/php: Security cleanup for vulnerable versions Bug: https://bugs.gentoo.org/698452 Package-Manager: Portage-2.3.79, Repoman-2.3.18 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 3 - dev-lang/php/php-7.1.32.ebuild | 736 ---------------------------------------- dev-lang/php/php-7.2.22.ebuild | 748 ---------------------------------------- dev-lang/php/php-7.3.9.ebuild | 749 ----------------------------------------- 4 files changed, 2236 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=46ffc05beb6a90b4207adab9f5b7d989fdc2b5c9 commit 46ffc05beb6a90b4207adab9f5b7d989fdc2b5c9 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2019-11-19 10:34:33 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2019-11-19 10:44:37 +0000 dev-lang/php: security bump Bug: https://bugs.gentoo.org/698452 Package-Manager: Portage-2.3.79, Repoman-2.3.18 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> dev-lang/php/Manifest | 2 +- dev-lang/php/{php-5.6.40-r6.ebuild => php-5.6.40-r7.ebuild} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) All done, repository is clean! |