Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 20 Aug 2010 13:00:28 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Cc: pierre.php@...il.com, Moritz Muehlenhoff <jmm@...ian.org>,
        "Steven M.
 Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: PHP MOPS-2010-56..60

On Fri, 20 Aug 2010 12:38:31 +0200 Pierre Joye wrote:

> > MOPS-2010-056 - MOPS-2010-060 as subject indicates.  Those are
> > mysqlnd issues and session serializer issue allowing data
> > injection.  Not any from that set of interruption issues that
> > exposed one or two problems in different ways.
> 
> As far as I can tell and see, both the mysqlnd and session issues have
> been fixed.

Raphael posted commit links earlier in this thread.

> Phar: http://svn.php.net/viewvc?view=revision&revision=298667

I'm aware of that commit.  It does not change
php_stream_wrapper_log_error invocation from phar_stream_flush, as
mentioned in MOPS-2010-024:

http://svn.php.net/viewvc/php/php-src/trunk/ext/phar/stream.c?view=markup&pathrev=298667#l471

Hence the question if there is some less obvious change that make that
particular cases non-issue too.

> As far as I remember, the resources related issues are not fixed (-22
> and -03), it is also not new and related to the same bug. I also don't
> think that it will get fixed any time soon as it is not possible to
> fix easily. I think there is already a CVE about this problem.

Are you aware of any good bugs.php.net reference that covers the issue
in greater detail?

Thank you!

-- 
Tomas Hoger / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ