php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Sec Bug #61504 Potential vulnerability in fileinfo ext
Submitted: 2012-03-25 12:49 UTC Modified: 2012-04-06 13:31 UTC
From: ab@php.net Assigned: ab (profile)
Status: Closed Package: *Directory/Filesystem functions
PHP Version: Irrelevant OS: all
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: ab@php.net
New email:
PHP Version: OS:

 

 [2012-03-25 12:49 UTC] ab@php.net 
Description:
------------
Package : file
Vulnerability : missing bounds checks
Problem type : remote
Debian-specific: no

The bundled libmagick is still of the vulnerable version.

According to this message:
http://www.openwall.com/lists/oss-security/2012/02/20/7

the fix is contained in the following revisions:

https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295
https://github.com/glensc/file/commit/1140872578eedaeecf828f1841d17ff574372dba

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-03-25 13:03 UTC] pajoye@php.net 
And here is the patch Anatoliy wrote for php, based on 5.04:

 http://belsky.info/uploads/my/fileinfo.5.04.1.diff.gz

5.11 update is also on its way and can be done later.
 [2012-03-25 15:23 UTC] ab@php.net 
There are also two patches for the libmagic (already contained in the one posted 
by Pierre)

Security patch for the original libmagick 5.04
http://belsky.info/uploads/my/libmagic.5.04.sec.patch.gz

PHP port
http://belsky.info/uploads/my/libmagic.5.04.php.patch.gz
 [2012-03-25 16:06 UTC] ab@php.net 
Finally, here is the patch containing all three previous together:

http://belsky.info/uploads/my/fileinfo.5.04.2.diff.gz

Contains 
libmagic 5.04 patched and ready to use
libmagic.patch 
tests/magic updated
data_file.c updated
 [2012-03-27 08:00 UTC] ab@php.net 
Here is the patch for libmagic 5.11 against the current code base:

http://belsky.info/uploads/my/fileinfo.5.11.7.diff.gz

Contains 
libmagic 5.11 patched and ready to use
libmagic.patch + fix for a bug in a ported file regex stuff
tests/magic updated
data_file.c updated
 [2012-03-27 12:33 UTC] pierre.php@gmail.com@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11
 [2012-03-27 18:51 UTC] ab@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-03-27 18:51 UTC] ab@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: ab
 [2012-03-27 19:05 UTC] ab@php.net
-Status: Closed +Status: Re-Opened
 [2012-03-28 00:15 UTC] pierre.php@gmail.com@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other
 [2012-03-28 00:16 UTC] pierre.php@gmail.com@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other
 [2012-03-28 07:58 UTC] cataphract@php.net 
Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert "- fix bug #61504, fix build errors on windows and possibly other"
 [2012-03-29 04:23 UTC] cataphract@php.net 
Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert "- fix bug #61504, fix build errors on windows and possibly other"
 [2012-03-29 04:23 UTC] pierre.php@gmail.com@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other
 [2012-03-29 04:23 UTC] pierre.php@gmail.com@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11
 [2012-04-06 13:31 UTC] ab@php.net
-Status: Re-Opened +Status: Closed
 [2014-10-07 23:28 UTC] stas@php.net 
Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert "- fix bug #61504, fix build errors on windows and possibly other"
 [2014-10-07 23:28 UTC] stas@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other
 [2014-10-07 23:28 UTC] stas@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11
 [2014-10-07 23:39 UTC] stas@php.net 
Automatic comment on behalf of cataphract
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=c6e15455a3e7fa62c77728bf29638207f496ac1d
Log: Revert "- fix bug #61504, fix build errors on windows and possibly other"
 [2014-10-07 23:39 UTC] stas@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=74ee335e3aea8c48380334098b8d20eb54d6c6be
Log: - fix bug #61504, fix build errors on windows and possibly other
 [2014-10-07 23:39 UTC] stas@php.net 
Automatic comment on behalf of pierre.php@gmail.com
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=12cf930a403d0bbee0c40a5e93554cafd6b0895e
Log: Fix bug #61504, potential vuln. in fileinfo. update to 5.11
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Dec 26 18:01:31 2024 UTC