From owner-freebsd-security@FreeBSD.ORG  Tue Nov 18 15:53:12 2008
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9D0641065672;
	Tue, 18 Nov 2008 15:53:12 +0000 (UTC)
	(envelope-from rea-fbsd@codelabs.ru)
Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45])
	by mx1.freebsd.org (Postfix) with ESMTP id 45D6A8FC1D;
	Tue, 18 Nov 2008 15:53:12 +0000 (UTC)
	(envelope-from rea-fbsd@codelabs.ru)
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru;
	h=Received:Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender;
	b=iE0fWx850M+5KehlgehhVIdz00szcM//T5u4FBEtxKWe5xQn+5pU6Bs4hTERcGGIZFcPkmJse3PJJrIW1f20CQyVRjCXexfAovq/SwvgdWPn5ZHixSaOU4mgLVMggoCTHjLUX8x8p4i8bO6JiPmsY7/cz3GYxIYO+OUSeZw3/nA=;
Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25])
	by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256)
	id 1L2St3-000O4B-Lk; Tue, 18 Nov 2008 18:53:09 +0300
Date: Tue, 18 Nov 2008 18:53:07 +0300
From: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To: "Steven M. Christey" <coley@linus.mitre.org>
Message-ID: <HFT9UPqQxMKr5hueUanFpyCwPgI@BWOFZFtpv6375xxU2Y12WR4LQqg>
References: <20081118103433.38D5817115@shadow.codelabs.ru>
	<4922B371.6070002@quis.cx>
	<TqoTo5jliabZzOUld/zrRy5vtzI@+C9avPjAe6kfv7rH+xyHzR2RFw8>
	<4922B6F9.2000408@quis.cx>
	<9a6isDG2HABVFiTQKRYgHLbugj0@N7cbPDipnvOyJMD9YzFbYf8QNqE>
	<Pine.GSO.4.51.0811180957530.22800@faron.mitre.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="CxDuMX1Cv2n9FQfo"
Content-Disposition: inline
In-Reply-To: <Pine.GSO.4.51.0811180957530.22800@faron.mitre.org>
Sender: rea-fbsd@codelabs.ru
Cc: Jille Timmermans <jille@quis.cx>, bug-followup@freebsd.org,
	freebsd-security@freebsd.org, mloveless@mitre.org, cve@mitre.org,
	coley@mitre.org
Subject: Re: ports/128956: [patch] [vuxml] multiple vulnerabilities in PHP
	5.2.6
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Nov 2008 15:53:12 -0000


--CxDuMX1Cv2n9FQfo
Content-Type: multipart/mixed; boundary="o7gdRJTuwFmWapyH"
Content-Disposition: inline


--o7gdRJTuwFmWapyH
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Steven,

Tue, Nov 18, 2008 at 10:01:20AM -0500, Steven M. Christey wrote:
> On Tue, 18 Nov 2008, Eygene Ryabinkin wrote:
> It's pretty clear that the description was a typo.  It doesn't follow our
> typical CVE description style of escalating versions when we list version
> ranges.  Most likely I introduced this typo in the original description.
>=20
> I've internally changed it to "5.x through 5.2.6."  This will show up on
> the public CVE web site within a day or two.

OK, thanks a lot!

So, the VuXML entry should be changed accordingly.  New content is
attached.
--=20
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual  =20
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook=20
    {_.-``-'         {_/            #

--o7gdRJTuwFmWapyH
Content-Type: application/xml
Content-Disposition: attachment; filename="vuln.xml"
Content-Transfer-Encoding: quoted-printable

  <vuln vid=3D"">=0A    <topic>PHP 5.x -- buffer overflow in the memnstr()<=
/topic>=0A    <affects>=0A      <package>=0A	<name>php5</name>=0A	<range><l=
t>5.2.6_3</lt></range>=0A      </package>=0A    </affects>=0A    <descripti=
on>=0A      <body xmlns=3D"http://www.w3.org/1999/xhtml">=0A	<p>Entry for C=
VE-2008-3659 says:</p>=0A	<blockquote cite=3D"http://cve.mitre.org/cgi-bin/=
cvename.cgi?name=3DCVE-2008-3659">=0A	<p>Buffer overflow in the memnstr fun=
ction in PHP 4.4.x before=0A	4.4.9 and PHP 5.x through 5.2.6 allows context=
-dependent=0A	attackers to cause a denial of service (crash) and possibly=
=0A	execute arbitrary code via the delimiter argument to the explode=0A	fun=
ction.</p>=0A	<p>NOTE: the scope of this issue is limited since most=0A	app=
lications would not use an attacker-controlled delimiter, but=0A	local atta=
cks against safe_mode are feasible.</p>=0A	</blockquote>=0A      </body>=0A=
    </description>=0A    <references>=0A      <cvename>CVE-2008-3659</cvena=
me>=0A      <url>http://news.php.net/php.cvs/52002</url>=0A      <url>http:=
//www.openwall.com/lists/oss-security/2008/08/08/2</url>=0A    </references=
>=0A    <dates>=0A      <discovery>2008-08-05</discovery>=0A    </dates>=0A=
  </vuln>=0A
--o7gdRJTuwFmWapyH--

--CxDuMX1Cv2n9FQfo
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)

iEYEARECAAYFAkki5OMACgkQthUKNsbL7Yg/ZACfUBOnoCZnhTol7o/R0AiNLbWt
fzcAoJCykRyPNoySroKYgW0RGvHsH/B5
=u6kz
-----END PGP SIGNATURE-----

--CxDuMX1Cv2n9FQfo--