579306 – (CVE-2015-8865) <sys-apps/file-5.23: Buffer over-write in finfo_open with malformed magic file

Bug 579306 (CVE-2015-8865) - <sys-apps/file-5.23: Buffer over-write in finfo_open with malformed magic file

Summary: <sys-apps/file-5.23: Buffer over-write in finfo_open with malformed magic file

Status:	RESOLVED FIXED

Alias:	CVE-2015-8865

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal major
Assignee:	Gentoo Security

URL:	http://bugs.gw.com/view.php?id=522
Whiteboard:	A2 [glsa cve]
Keywords:

Depends on:
Blocks:

Reported:	2016-04-08 08:37 UTC by Agostino Sarubbo
Modified:	2017-01-17 23:47 UTC (History)
CC List:	1 user (show)

See Also:	http://bugs.gw.com/view.php?id=522 https://bugzilla.redhat.com/show_bug.cgi?id=1323118 https://bugs.php.net/bug.php?id=71527
Package list:	=sys-apps/file-5.25
Runtime testing required:	No

Flags:	kensington: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2016-04-08 08:37:50 UTC

From ${URL} :

Buffer over-write vulnerability in finfo_open triggered by malformed magic file was found, causing 
segfault when running with environment variable USE_ZEND_ALLOC set to 0, and also when compiled 
with ASAN with USE_ZEND_ALLOC set and unset.

This issue was fixed in file-5.23.

Upstream bug (contains reproducer):

http://bugs.gw.com/view.php?id=522

PHP bug:

https://bugs.php.net/bug.php?id=71527


@maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.

Comment 1 SpanKY gentoo-dev

2016-04-11 17:24:42 UTC

stabilizing file-5.25 should be fine

Comment 2 Aaron Bauman (RETIRED) gentoo-dev

2016-11-24 10:15:09 UTC

@arches, please stabilize:

=sys-apps/file-5.25

Comment 3 Aaron Bauman (RETIRED) gentoo-dev

2017-01-10 15:44:18 UTC

ia64/sparc...

Comment 4 Agostino Sarubbo gentoo-dev

2017-01-11 10:40:44 UTC

sparc stable

Comment 5 GLSAMaker/CVETool Bot gentoo-dev

2017-01-17 09:21:30 UTC

This issue was resolved and addressed in
 GLSA 201701-42 at https://security.gentoo.org/glsa/201701-42
by GLSA coordinator Aaron Bauman (b-man).

Comment 6 Aaron Bauman (RETIRED) gentoo-dev

2017-01-17 09:27:55 UTC

Reopened for ia64 stable then cleanup.

Comment 7 Agostino Sarubbo gentoo-dev

2017-01-17 14:28:30 UTC

ia64 stable.

Maintainer(s), please cleanup.

Comment 8 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev

2017-01-17 16:25:46 UTC

commit 0d0ddd19f8af195c7ec4e60a4db7ca3dba756c2f
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Tue Jan 17 16:17:02 2017

    sys-apps/file: Removed old.

    Package-Manager: Portage-2.3.3, Repoman-2.3.1