oss-sec mailing list archives
Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes)
From: Ramon de C Valle <rdecvalle () vmware com>
Date: Wed, 16 Jul 2014 15:54:19 +0000
On Jul 16, 2014, at 12:16 PM, Tomas Hoger <thoger () redhat com> wrote:
On Tue, 15 Jul 2014 15:10:05 +0000 Ramon de C Valle wrote:First, we don't know what "The same sample works under 1.9.3" means. It might mean "The same AWS sample is also a working vulnerability reproducer when using Ruby 1.9.3." It might instead mean "With this AWS sample, my program works normally when using Ruby 1.9.3; in other words, no vulnerability is observed.”It meant that his sample worked normally when he used Ruby 1.9.3. (I assumed this because the version he specified as containing the bug in the report was Ruby 2.1, and specified Ruby 2.0 as requiring backport, but not Ruby 1.9.3.)It's reasonable to assume that reporter did not touch the "Backport:" field at all. The issue was reported for ruby 2.1.2p168 (see the "ruby -v" field). Backport value was original set to: 2.0.0: UNKNOWN, 2.1: UNKNOWN which happens to be the default value pre-filed into the field for you by the bug tracker when you try create a new issue. You can easily check by visiting: https://urldefense.proofpoint.com/v1/url?u=https://bugs.ruby-lang.org/projects/ruby-trunk/issues/new&k=oIvRg1%2BdGAgOoM1BIlLLqw%3D%3D%0A&r=bZpuVimtRQUx3xHFIlu%2BaciWn3GMzM%2FBnwDoBm5jP8U%3D%0A&m=lvYqyGvlOo5QOKyQaxN7hxz4fIAGdWpnzcVczLGTTHE%3D%0A&s=9741b68b74eb44558252f0c9758238f5eb18199838d2f3821f2214c00241ff20 All changes from UNKNOWN to REQUIRED were not done by the reporter, as you can see from the bug comments. I don't think you can draw the conclusion based on the Backport field.
Yes, you’re right. I didn’t notice that. So, it’s still unclear what the author meant with that statement (i.e., Ruby 1.9.3 may also be affected if there exists another issue).
-- Tomas Hoger / Red Hat Security Response Team
-- Ramon de C Valle VMware Product Security Engineering
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- Re: Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes), (continued)
- Re: Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Tomas Hoger (Jul 10)
- Re: Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Ramon de C Valle (Jul 10)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Ramon de C Valle (Jul 10)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Ramon de C Valle (Jul 14)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Kurt Seifried (Jul 14)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) cve-assign (Jul 14)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Ramon de C Valle (Jul 15)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) cve-assign (Jul 15)
- Re: Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Tomas Hoger (Jul 16)
- Re: Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Tomas Hoger (Jul 16)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Ramon de C Valle (Jul 16)
- Re: Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Ramon de C Valle (Jul 10)
- Re: Fwd: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) Tomas Hoger (Jul 10)
- Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open] segmentation fault/buffer overrun in pack.c (encodes) cve-assign (Jul 17)