From: Jille Timmermans <jille@quis.cx>
Date: Mon, 08 Sep 2008 18:07:27 +0200
To: Andrew Storms
Cc: freebsd-security@freebsd.org
Subject: Re: Question on recent PHP VuXML info

Andrew Storms wrote:
> Not sure if this is the correct place for VuXML questions, but the FreeBSD
> VuXML list (http://lists.freebsd.org/pipermail/freebsd-vuxml/) looks pretty
> dead given the last update was in 2007 according to the archives.
>
> We were previously tracking this entry, which pretty much sat for a while
> without an applicable upgradeable resolution available.
>
> Affected package: php5-posix-5.2.6
> Type of problem: php -- input validation error in posix_access function.
> Reference: .html>
>
> -----------
>
> Then late last week, the same VuXML ID started reporting this information
> instead:
>
> Affected package: php5-5.2.6
> Type of problem: php -- input validation error in safe_mode.
> Reference: .html>
>
> ------------
>
> The generic question I'm asking is: What happened and why? Seems to me that
> if you have a VuXML ID (which, I thought wasn't supposed to be re-used), then
> its name and description shouldn't just apparently change one day.

There was an input validation bug in a function that was used in all posix_
functions that used files (http://../ ended up in /), which bypassed safe_mode.

> So is the prior "php5-posix-5.2.6" and the now "php5-5.2.6" with the same ID
> the same bug, a new description, does the newer supersede, etc, etc? Where
> can I get the background on what went on here?

It was only in the posix module, not in the whole of PHP. ale@ took the fixing
patch from PHP CVS and attached it as a patch to the port a few days ago (or at
least committed it). AFAIK the VuXML entry was also updated then; I think ale@
took a look at the patch and changed the VuXML to say the port revision with
that patch wasn't vulnerable anymore, and also clarified the description.

-- 
Jille

> Thanks.
>
> -_S
>
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
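The bug Jille describes (a request such as http://../ ending up at / and slipping past safe_mode) is an instance of a general failure: an access check that decides on the request string instead of on the path the file layer will actually open. The Python example below is added here as an illustration; it is not code from the thread, from the FreeBSD port or from PHP. The scheme-stripping step in strip_scheme is an assumption made only to mirror the shape of the described input, and naive_allows and strict_allows are hypothetical checks written for this example: the first inspects the string, the second resolves the path first and only then tests that the target lies under the permitted base directory.

```python
import os
import tempfile


def strip_scheme(requested: str) -> str:
    # Assumed behaviour of a file-access layer: a "scheme://" prefix is
    # dropped and the remainder is treated as a filesystem path.
    # Illustrative only; this is not PHP's posix/safe_mode logic.
    return requested.split("://", 1)[1] if "://" in requested else requested


def resolve(base: str, requested: str) -> str:
    """Resolve `requested` the way the assumed file layer would: drop any
    scheme, join a relative path onto `base`, then collapse '..', '.' and
    symlinks so the result is the real target on disk."""
    path = strip_scheme(requested)
    if not os.path.isabs(path):
        path = os.path.join(base, path)
    return os.path.realpath(path)


def naive_allows(requested: str) -> bool:
    """Flawed check (hypothetical): looks only at the request string and
    only rejects an absolute path. "http://../" passes, because after the
    scheme is stripped it is the relative path "../"."""
    return not strip_scheme(requested).startswith("/")


def strict_allows(base: str, requested: str) -> bool:
    """Defensive check (hypothetical): decide on the fully resolved target
    and accept only the base directory itself or something below it."""
    base_real = os.path.realpath(base)
    target = resolve(base_real, requested)
    try:
        return os.path.commonpath([base_real, target]) == base_real
    except ValueError:
        # commonpath raises when the paths cannot share a prefix at all
        # (e.g. different drives on Windows); treat that as outside base.
        return False


def classify(base: str, requests):
    """Return {request: (naive_verdict, strict_verdict)} for a batch."""
    return {r: (naive_allows(r), strict_allows(base, r)) for r in requests}


# Constructed sample requests, including the shape mentioned in the thread.
SAMPLES = [
    "data/report.txt",      # legitimate file under the base directory
    "../",                  # plain parent-directory escape
    "http://../",           # the input pattern Jille describes
    "/etc/passwd",          # absolute path, caught by both checks
    "file:///etc/passwd",   # absolute path behind a scheme prefix
]


def demo():
    """Run both checks against SAMPLES inside a throwaway base directory."""
    with tempfile.TemporaryDirectory() as base:
        os.makedirs(os.path.join(base, "data"))
        return classify(base, SAMPLES)


if __name__ == "__main__":
    for req, (naive, strict) in demo().items():
        print(f"{req:22} naive={naive!s:5} strict={strict!s:5}")
```

The point to take from the table the script prints is that the two checks agree on the obvious cases and disagree exactly on "http://../": the string-based check lets it through, while the check on the resolved path sees that the target is the parent of the base directory and rejects it. Any containment check should be made on the same resolved path the open() call will use, not on the request as received.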