Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 281955 (CVE-2009-1884) - <perl-core/Compress-Raw-Bzip2-2.020: Off-by-one buffer overflow (CVE-2009-1884)
Summary: <perl-core/Compress-Raw-Bzip2-2.020: Off-by-one buffer overflow (CVE-2009-1884)
Status: RESOLVED FIXED
Alias: CVE-2009-1884
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://search.cpan.org/diff?from=Comp...
Whiteboard: B2 [glsa]
Keywords:
Depends on: CVE-2009-1391
Blocks:
  Show dependency tree
 
Reported: 2009-08-18 19:17 UTC by Robert Buchholz (RETIRED)
Modified: 2009-08-19 22:11 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
CVE-2009-1884.patch (CVE-2009-1884.patch,801 bytes, patch)
2009-08-18 19:18 UTC, Robert Buchholz (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2009-08-18 19:17:57 UTC
(based on an email by Niko Tyni of Debian)

CVE-2009-1884:
  Paul Marquess <Paul.Marquess@ntlworld.com>, the upstream author of
  Compress-Raw-{Zlib,Bzip2}, reported that Compress-Raw-Bzip2 has an
  identical off-by-one buffer overflow as Compress-Raw-Zlib (CVE-2009-1391).

The bug was fixed upstream in 2.018, patch is attached for reference.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2009-08-18 19:18:38 UTC
Created attachment 201642 [details, diff]
CVE-2009-1884.patch
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2009-08-18 19:19:08 UTC
=perl-core/Compress-Raw-Bzip2-2.020 is stable, so this is glsa-ready.
Comment 3 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2009-08-18 21:41:26 UTC
GLSA 200908-07
Comment 4 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2009-08-19 22:11:05 UTC
CVE-2009-1884 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1884):
  Off-by-one error in the bzinflate function in Bzip2.xs in the
  Compress-Raw-Bzip2 module before 2.018 for Perl allows
  context-dependent attackers to cause a denial of service (application
  hang or crash) via a crafted bzip2 compressed stream that triggers a
  buffer overflow, a related issue to CVE-2009-1391.