Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 8 Aug 2008 16:45:00 +0100
From: Joe Orton <jorton@...hat.com>
To: Christian Hoffmann <hoffie@...too.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE request: php-5.2.6 overflow issues

On Fri, Aug 08, 2008 at 04:55:37PM +0200, Christian Hoffmann wrote:
> On 2008-08-08 16:01, Joe Orton wrote:
>> The explode() bug could only be triggered if a script passed a 
>> delimiter from untrusted script input without sanitizing/checking it 
>> first, which is fairly pathological behaviour.  I would call that a 
>> script bug, not an issue in the PHP interpreter.
> Ok, sounds reasonable.
>
> No idea whether a CVE should be assigned anyway -- if it does indeed  
> allow for (local) code execution, that'd effectively mean bypass of  
> safe_mode/open_basedir. Such issues already got CVEs assigned in the  
> pass, so I guess this one should as well.

We (Red Hat) don't consider bugs which allow bypass of safe_mode or 
open_basedir to be security issues; opinions here vary but having a CVE 
name is useful anyway so that the issue can be identified definitively.

Regards, Joe

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ