Summary: | <www-apache/libapreq2-2.17: buffer overflow in multipart form uploads | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | maintainer-needed, sam |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.apache.org/thread/2fsjoor96d47vtkpf76x4yo06nccvy1y | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 877035 | ||
Bug Blocks: |
Description
John Helmert III
2022-08-25 15:06:58 UTC
From 2.17 release notes: 3 4 @section v2_17 Changes with libapreq2-2.17 (released 25 August, 2022) 5 6 - Multipart header parser [Yann Ylavic] 7 Rework apreq_parse_headers() to discard CRLF of folded values. (In reply to Sam James from comment #1) > From 2.17 release notes: > > 3 > 4 @section v2_17 Changes with libapreq2-2.17 (released 25 August, 2022) > 5 > 6 - Multipart header parser [Yann Ylavic] > 7 Rework apreq_parse_headers() to discard CRLF of folded values. Hm, are we sure this fixes the CVE? I asked on oss-security if there was a fixed version, and nobody responded: https://www.openwall.com/lists/oss-security/2022/08/26/4 In any case, GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=7972f8b0e22a8628bd9af218513ccc02bde0cc4d commit 7972f8b0e22a8628bd9af218513ccc02bde0cc4d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-05-03 10:05:03 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-03 10:05:30 +0000 [ GLSA 202305-20 ] libapreq2: Buffer Overflow Bug: https://bugs.gentoo.org/866536 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202305-20.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=14bc66f742da33942bd55ff8858ae54210039e73 commit 14bc66f742da33942bd55ff8858ae54210039e73 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-05-03 10:09:14 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-03 10:09:14 +0000 www-apache/libapreq2: drop 2.16-r1 Bug: https://bugs.gentoo.org/866536 Signed-off-by: Sam James <sam@gentoo.org> www-apache/libapreq2/Manifest | 1 - www-apache/libapreq2/libapreq2-2.16-r1.ebuild | 80 --------------------------- 2 files changed, 81 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=732f6cefb4a1e4884e3fa3048d18faa0babd014a commit 732f6cefb4a1e4884e3fa3048d18faa0babd014a Author: Sam James <sam@gentoo.org> AuthorDate: 2023-05-04 07:06:24 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-04 07:06:24 +0000 [ GLSA 202305-20 ] Fix description Bug: https://bugs.gentoo.org/905652 Bug: https://bugs.gentoo.org/866536 Signed-off-by: Sam James <sam@gentoo.org> glsa-202305-20.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) |