Bug 214576 - dev-php5/pecl-apc <=3.0.16 Usage of strcpy in apc.c can cause stack corruption with long filenames (CVE-2008-1488)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://pecl.php.net/bugs/bug.php?id=1...
Whiteboard: C1 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-03-24 19:06 UTC by Hanno Böck
Modified: 2008-04-09 09:50 UTC (History)

See Also:
Package list:
Runtime testing required: ---


Attachments
pecl-apc-3.0.16-CVE-2008-1488.patch (pecl-apc-3.0.16-CVE-2008-1488.patch,732 bytes, patch)
2008-03-28 14:20 UTC, Jan Rieger

Description Hanno Böck gentoo-dev 2008-03-24 19:06:15 UTC
See upstream bug report. No upstream fix yet.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-03-24 19:32:08 UTC
CVE requested via http://thread.gmane.org/gmane.comp.security.oss.general/150
Comment 2 Jakub Moc (RETIRED) gentoo-dev 2008-03-25 23:00:25 UTC
3.0.17 InCVS...
Comment 3 Hanno Böck gentoo-dev 2008-03-26 00:22:01 UTC
archs, please stabilize
Comment 4 Hanno Böck gentoo-dev 2008-03-26 02:11:52 UTC
3.0.17 unreliably causes error 500 messages on my server, so it probably needs further investigation.
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2008-03-26 23:14:31 UTC
back to [ebuild] then.
Comment 6 Jan Rieger 2008-03-28 13:18:36 UTC
3.0.17 causes segmentation faults, see http://pecl.php.net/bugs/bug.php?id=13511

There is a 3.0.16 ebuild available at http://christian-seiler.de/temp/pecl-apc-3.0.16-CVE-overlay.tar.gz including a patch for CVE-2008-1488 that doesn't cause segmentation faults for me on amd64.
Comment 7 Robert Buchholz (RETIRED) gentoo-dev 2008-03-28 14:07:54 UTC
(In reply to comment #6)
> 3.0.17 causes segmentation faults, see
> http://pecl.php.net/bugs/bug.php?id=13511
> 
> There is a 3.0.16 ebuild available at
> http://christian-seiler.de/temp/pecl-apc-3.0.16-CVE-overlay.tar.gz including a
> patch for CVE-2008-1488 that doesn't cause segmentation faults for me on amd64.

Jan, can you please simply attach the patch (and any non-trivial changes to the ebuild) on this bug? Thanks.
Comment 8 Jan Rieger 2008-03-28 14:20:14 UTC
Created attachment 147546
pecl-apc-3.0.16-CVE-2008-1488.patch

(In reply to comment #7)
> Jan, can you please simply attach the patch (and any non-trivial changes to the
> ebuild) on this bug? Thanks.

Added pecl-apc-3.0.16-CVE-2008-1488.patch

The only addition to the ebuild is:

	epatch "${FILESDIR}"/${P}-CVE-2008-1488.patch
Comment 9 Jakub Moc (RETIRED) gentoo-dev 2008-03-28 19:23:55 UTC
(In reply to comment #8)
> Created an attachment (id=147546)
> pecl-apc-3.0.16-CVE-2008-1488.patch

3.0.16-r1 committed with this patch; let's give it another try...

Comment 10 Markus Meier gentoo-dev 2008-03-28 21:43:26 UTC
amd64/x86 stable
Comment 11 Hanno Böck gentoo-dev 2008-03-29 13:53:35 UTC
Upstream has released 3.0.18 which should fix the .17-problems.
Comment 12 Raúl Porcel (RETIRED) gentoo-dev 2008-03-30 10:47:41 UTC
sparc stable
Comment 13 Tobias Scherbaum (RETIRED) gentoo-dev 2008-03-31 18:50:54 UTC
ppc stable
Comment 14 Robert Buchholz (RETIRED) gentoo-dev 2008-04-03 14:46:27 UTC
request filed.
Comment 15 Robert Buchholz (RETIRED) gentoo-dev 2008-04-09 09:50:28 UTC
GLSA 200804-07, thanks.