Bug 140335

Summary: [patch] graphics/php5-gd: fix CVE-2009-3546
Product: Ports & Packages Reporter: Eygene Ryabinkin <rea-fbsd>
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
cve-2009-3546-fix.diff none

Description Eygene Ryabinkin 2009-11-06 15:40:01 UTC
See [1] and [2].

Fix: The following diff adds the patch from Thomas Hoger that was accepted to
the PHP 5.x.  The patch was whitespace-modified for the graphics/gd.  I
had verified that all three ports build fine and graphics/gd works as
expected in respect to the image conversion (GD -> PNG -> GD) and
graphics creation.
How-To-Repeat: 
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
[2] http://portaudit.FreeBSD.org/4e8344a3-ca52-11de-8ee8-00215c6a37bb.html
Comment 1 Edwin Groothuis freebsd_committer 2009-11-06 15:40:16 UTC
Responsible Changed
From-To: freebsd-ports-bugs->dinoex

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 dfilter service freebsd_committer 2009-11-06 21:37:29 UTC
dinoex      2009-11-06 21:37:16 UTC

  FreeBSD ports repository

  Modified files:
    graphics/gd          Makefile 
  Added files:
    graphics/gd/files    patch-cve-2009-3546 
  Log:
  - Security patch
  Security: CVE-2009-3546
  Security: http://portaudit.freebsd.org/4e8344a3-ca52-11de-8ee8-00215c6a37bb.html
  PR:             140335
  Submitted by:   Eygene Ryabinkin
  Obtained from:  PHP project
  
  Revision  Changes    Path
  1.92      +1 -1      ports/graphics/gd/Makefile
  1.1       +15 -0     ports/graphics/gd/files/patch-cve-2009-3546 (new)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 3 Dirk Meyer freebsd_committer 2009-11-06 21:40:25 UTC
Responsible Changed
From-To: dinoex->ale

pver to maintainer of */php*
Comment 4 N.J. Mann 2009-11-08 09:05:17 UTC
Following Dirk Meyer's commit to graphics/gd the Vulnerabilities
Database entry needs updating since it says all versions of graphics/gd
are vulnerable, even the fixed version.

(I am not familiar with the syntax used and so I am unable to suggest
what is required.)


Cheers,
       Nick.
--
Comment 5 Eygene Ryabinkin 2009-11-08 11:13:08 UTC
Sun, Nov 08, 2009 at 09:05:17AM +0000, N.J. Mann wrote:
> Following Dirk Meyer's commit to graphics/gd the Vulnerabilities
> Database entry needs updating since it says all versions of graphics/gd
> are vulnerable, even the fixed version.
> 
> (I am not familiar with the syntax used and so I am unable to suggest
> what is required.)

The patch for the security/vuxml/vuln.xml is inside the suggested
patchset that was submitted with this PR.
-- 
Eygene
 _                ___       _.--.   #
 \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
 /  ' `         ,       __.--'      #  to read the on-line manual
 )/' _/     \   `-_,   /            #  while single-stepping the kernel.
 `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
     _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook
    {_.-``-'         {_/            #
Comment 6 Chris Petrik 2009-11-11 07:36:43 UTC
portaudit -F

portupgrade -a or portmaster -a
will fix that issue.

-- 

Chris Petrik
Consulting: http://www.officialunix.com
BSD Site: http://www.bsdjunk.com
FreeBSD ports contributor
Since 18-July-2009
Comment 7 Alexander Best 2010-03-03 01:16:58 UTC
graphics/gd and graphics/php5-gb have been patched.

http://portaudit.freebsd.org/4e8344a3-ca52-11de-8ee8-00215c6a37bb.html says
that  php4-gd >0 is affected. this implies that the patch provided by Eygene
Ryabinkin won't be included in graphics/php4-gd, but instead the port will
remain to be marked as vulnerable.

the last php4 release was in Aug of 2008. it's unlikely a php4 release fixing
CVE-2009-3546 will happen.

please set this pr either into suspend state or close it.

cheers.
alex
Comment 8 Brad Davis freebsd_committer 2010-03-31 03:29:58 UTC
State Changed
From-To: open->closed

Close since it has been patched.