Bug#637376: perl: Encode security: Unicode.xs!decode_xs n-byte heap-overflow
severity 637376 important thanks On Sun, Aug 21, 2011 at 06:52:28PM +0300, Niko Tyni wrote: retitle 637376 perl: [CVE-2011-2939] Encode security: Unicode.xs!decode_xs n-byte heap-overflow thanks On Wed, Aug 10, 2011 at 06:52:43PM +0100, Dominic Hargreaves wrote: Package: perl Version: 5.12.4-3 Severity: grave Tags: security Justification: user security hole Encode 2.44 has been released with the following change: ! Unicode/Unicode.xs Addressed the following: Date: Fri, 22 Jul 2011 13:58:43 +0200 From: Robert Zacek za...@avast.com To: perl5-security-rep...@perl.org Subject: Unicode.xs!decode_xs n-byte heap-overflow I haven't seen any further details about this one, but setting severity to grave for now. Quoting Josh Bresser in http://www.openwall.com/lists/oss-security/2011/08/19/17 I'm going to assign this CVE-2011-2939. It looks like a single byte overflow. It's probably not exploitable (even as a DoS), but to play it safe, I'm assigning this ID. I get the impression that upstream agrees with this low potential for exploitability, so I'm lowering the severity of this bug. I suggest we wait for upstream to make stable releases including the fix before pushing this out to squeeze/lenny (I had a look at lenny and the code is, as Niko mentioned, completely different), so it's unlikely that this problem exists in the same form, there. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#637376: perl: Encode security: Unicode.xs!decode_xs n-byte heap-overflow
retitle 637376 perl: [CVE-2011-2939] Encode security: Unicode.xs!decode_xs n-byte heap-overflow thanks On Wed, Aug 10, 2011 at 06:52:43PM +0100, Dominic Hargreaves wrote: Package: perl Version: 5.12.4-3 Severity: grave Tags: security Justification: user security hole Encode 2.44 has been released with the following change: ! Unicode/Unicode.xs Addressed the following: Date: Fri, 22 Jul 2011 13:58:43 +0200 From: Robert Zacek za...@avast.com To: perl5-security-rep...@perl.org Subject: Unicode.xs!decode_xs n-byte heap-overflow I haven't seen any further details about this one, but setting severity to grave for now. Quoting Josh Bresser in http://www.openwall.com/lists/oss-security/2011/08/19/17 I'm going to assign this CVE-2011-2939. It looks like a single byte overflow. It's probably not exploitable (even as a DoS), but to play it safe, I'm assigning this ID. -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#637376: perl: Encode security: Unicode.xs!decode_xs n-byte heap-overflow
On Wed, Aug 10, 2011 at 06:52:43PM +0100, Dominic Hargreaves wrote: Encode 2.44 has been released with the following change: ! Unicode/Unicode.xs Addressed the following: Date: Fri, 22 Jul 2011 13:58:43 +0200 From: Robert Zacek za...@avast.com To: perl5-security-rep...@perl.org Subject: Unicode.xs!decode_xs n-byte heap-overflow This has been fixed in libencode-perl 2.44-1; it probably also needs fixing in perl. The relevant patch appears to be http://perl5.git.perl.org/perl.git/commitdiff/e46d973584785af1f445c4dedbee4243419cb860#patch5 I haven't seen any further details about this one, but setting severity to grave for now. Now fixed in experimental, sid, and wheezy. Fix prepared for squeeze in git (http://anonscm.debian.org/gitweb/?p=perl/perl-squeeze.git). Awaiting more information from upstream about the issue before considering a DSA. The code in lenny is completely different, and I don't feel qualified to say whether the issue exists there. -- Dominic Hargreaves | http://www.larted.org.uk/~dom/ PGP key 5178E2A5 from the.earth.li (keyserver,web,email) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#637376: perl: Encode security: Unicode.xs!decode_xs n-byte heap-overflow
Package: perl Version: 5.12.4-3 Severity: grave Tags: security Justification: user security hole Encode 2.44 has been released with the following change: ! Unicode/Unicode.xs Addressed the following: Date: Fri, 22 Jul 2011 13:58:43 +0200 From: Robert Zacek za...@avast.com To: perl5-security-rep...@perl.org Subject: Unicode.xs!decode_xs n-byte heap-overflow This has been fixed in libencode-perl 2.44-1; it probably also needs fixing in perl. The relevant patch appears to be http://perl5.git.perl.org/perl.git/commitdiff/e46d973584785af1f445c4dedbee4243419cb860#patch5 I haven't seen any further details about this one, but setting severity to grave for now. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org