[Secure-testing-team] Bug#863313: libonig: CVE-2017-9225

Salvatore Bonaccorso carnil at debian.org
Thu May 25 11:37:54 UTC 2017


Source: libonig
Version: 6.1.3-1
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/kkos/oniguruma/issues/56

Hi,

the following vulnerability was published for libonig.

CVE-2017-9225[0]:
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in
| Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack
| out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str()
| occurs during regular expression compilation. Code point 0xFFFFFFFF is
| not properly handled in unicode_unfold_key(). A malformed regular
| expression could result in 4 bytes being written off the end of a stack
| buffer of expand_case_fold_string() during the call to
| onigenc_unicode_get_case_fold_codes_by_str(), a typical stack buffer
| overflow.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9225
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9225
[1] https://github.com/kkos/oniguruma/issues/56
[2] https://github.com/kkos/oniguruma/commit/166a6c3999bf06b4de0ab4ce6b088a468cc4029f

Please adjust the affected versions in the BTS as needed. AFAICT this
only affects the version in stretch and sid, but not older.

Regards,
Salvatore


