oss-sec mailing list archives
Re: Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName
From: "Steven R. Loomis" <srl () icu-project org>
Date: Thu, 24 Nov 2016 22:54:20 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Thanks. I’ve also updated https://sites.google.com/site/icusite/security Hopefully we will work more closely and quickly in the future. Steven -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJYN+ASAAoJEKyl2+H9j6vxBdEIANRofsWFNel4N4ww/fN2VcMn lLjAEbb1KZkvLrsCCpJWZZYDfsFDdxkp8KeRVi/NehyZiNEczElRSwY/V/mtagaZ LmYe4AilNB64+uJnIUzkAIV3qFh1YFIRKAtqsQT/Wn+y1gLl2EwMEmuiVT97ynoC pTJqla4EMi7HKznbo8B6pYy3DIh7wBRY01SrjK+npZ32yWyPGMbENJ8Gx0mDOVGV sYQMlHl7BdIMhXufw6vZFZPJUv7gKbkJo//8Hjvj0cjheToaVaHTDMvZn8tLUmB4 jzCusjYjsmm1NY3JlKJgZEYj/3Z8uXZu3AI3nG/hXdoRqvqOKeB/VWWywXME+Do= =eyIZ -----END PGP SIGNATURE----- El 11/24/16 4:51 PM, "cve-assign () mitre org" <cve-assign () mitre org> escribió:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256https://bugzilla.redhat.com/show_bug.cgi?id=1383569http://bugs.icu-project.org/trac/ticket/10891 http://bugs.icu-project.org/trac/changeset/35699https://bugs.php.net/bug.php?id=67397Note that the PHP bug is exactly the same flaw, but they worked around it by limiting the length of strings passed to icu. I don't believe this needs a separate CVE even though it was "fixed" independently.Use CVE-2014-9911 for the ICU vulnerability, and use CVE-2014-9912 for the PHP vulnerability. Admittedly, the code changes in ICU and PHP had the same motivation. However, the code is not shared between ures_getByKeyWithFallback in ICU and get_icu_disp_value_src_php in PHP. Thus, two CVE IDs exist. This is also consistent with similar ICU/PHP situations in the http://www.openwall.com/lists/oss-security/2016/07/24/2 and http://www.openwall.com/lists/oss-security/2016/09/15/10 posts. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYN4pmAAoJEHb/MwWLVhi2iXQP/0p5ye6sA3p3BNLXi1HvLKN3 kTljswgWfZxD5/GINLjMGzf0Gr94weE6GfbxmrYbenjmghKTPU+tRgfpOd6TwteU kai0Vuluk020bYb9d769qyYc47rzKZ0h5FJCc/Ef+kQNWPMOHS+ogF8D11p575W0 gFZyiw9h5HNHT7A5VV1NisFN607Q3IwJncNZfI1PLwZJ/t1dtNI8HGsKZCo5tlKq ZdWIibAuVThj9k4OKmZfdxe3SHInFv2dfDoLXwQH+hwnLLs7xkN3X5Tu/PXpkqtV cc/eqZTRW1TSxou4p0S8T7d410z3WArVecVNfFZxv58xua+Goj/bXwPRuAUQTY8q SpuR3NDwFoM23IURqTStQ/+NXbhGtjJpUltQjZ776hBEm/S/rljYMA5sJs4sBtjI VsiA8jqjeewOheQQnEOA/VVH8JvQQ8AATOKD6gRkDCuxTYwhemabzR9jUOpVP/Cv 9f/4e/KIYug2wHcfTtEoqZEGtgIEQRdcGpEjOq7y7X9ETMWnTRNh1iIzKVOilFyv uCcNE1m0JJPALb0p72AqDb5rEL8cWynrvNQrcLifONF5/65uEa+5Hi4rXhayaQN1 MDo0OTwKJUw90vhEeLP+hTx3bQJtp6bRTfz1avIhEmG0DmoErm9opAj/pK7o8uWV 1EQnxE97WQjHimhYejXd =jGfq -----END PGP SIGNATURE-----
Current thread:
- CVE request: icu: stack-based buffer overflow in uloc_getDisplayName Doran Moppert (Nov 24)
- Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName cve-assign (Nov 24)
- Re: Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName Steven R. Loomis (Nov 25)
- Re: CVE request: icu: stack-based buffer overflow in uloc_getDisplayName cve-assign (Nov 24)