oss-sec mailing list archives

Re: CVE request: PHP 5.2.9


From: Tomas Hoger <thoger () redhat com>
Date: Thu, 9 Apr 2009 09:35:38 +0200

On Wed, 8 Apr 2009 14:02:26 -0400 (EDT) "Steven M. Christey"
<coley () linus mitre org> wrote:

>>> # Fixed a crash on extract in zip when files or directories entry
>>> names contain a relative path. (Pierre)
>>> http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.48&r2=1.1.2.49
>>
>> This should only affect php 5.2.7 or versions that have original fix
>> for CVE-2008-5658 backported.
>
> This was announced in 5.2.9 changelog though, so wouldn't 5.2.8 be
> affected?

Ah, sorry for using confusing wording.  I was only trying to say that
the affected code was only introduced in 5.2.7, but anyone backporting
the upstream patch for CVE-2008-5658 may actually introduce this problem
in an earlier version.  I have no reason to believe 5.2.8 is not affected;
5.2.7 was supposed to give the "first affected" version.

-- 
Tomas Hoger / Red Hat Security Response Team

