Bug 1199049 (CVE-2015-2675)
Summary: | CVE-2015-2675 rest: memory corruption when using oauth because of implicit declaration of rest_proxy_call_get_url | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vasyl Kaigorodov <vkaigoro> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | cfergeau, debarshir, jrusnack, pbrobinson, sisharma, vkaigoro |
Target Milestone: | --- | Keywords: | Reopened, Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
It was found that the OAuth implementation in librest, a helper library for RESTful services, incorrectly truncated the pointer returned by the rest_proxy_call_get_url call. An attacker could use this flaw to crash an application using the librest library.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2015-11-20 05:28:25 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1183982, 1204682, 1249682 | ||
Bug Blocks: | 1199051, 1210268 |
Description
Vasyl Kaigorodov
2015-03-05 11:53:29 UTC
Created rest tracking bugs for this issue: Affects: fedora-all [bug 1204682] Vasyl: why is this a bug in Fedora? The commit referenced landed upstream in September 2015, we're running 0.7.93 across all current Fedora releases (21 ->24) which was released with the fix in March 2015. It's also referenced in comment 2 [1] in the upstream bug that this was fixed upstream [1] https://bugzilla.gnome.org/show_bug.cgi?id=742644#c2 (In reply to Peter Robinson from comment #3) > Vasyl: why is this a bug in Fedora? > > The commit referenced landed upstream in September 2015, we're running > 0.7.93 across all current Fedora releases (21 ->24) which was released with > the fix in March 2015. It's also referenced in comment 2 [1] in the upstream > bug that this was fixed upstream > > [1] https://bugzilla.gnome.org/show_bug.cgi?id=742644#c2 Peter, it was an issue for Fedora when this flaw bug was filed, see https://bugzilla.redhat.com/show_bug.cgi?id=1204682 (Fedora security tracker bug for this issue). I.e. - Fedora was affected, the problem was resolved in BZ 1204682, no further actions required from Fedora side. Hope this answers your question. Not sure why I only just got alerts then, all of the emails dated a few days ago, didn't take note of the dates in the actual BZ bits above (In reply to Peter Robinson from comment #5) > Not sure why I only just got alerts then, all of the emails dated a few days > ago, didn't take note of the dates in the actual BZ bits above Hi Peter, CVE/Flaw bugs are not supposed to be closed until all affected products are fixed. May be you wanted to close bug that was opened for Fedora.
> CVE/Flaw bugs are not supposed to be closed until all affected products are
> fixed. May be you wanted to close bug that was opened for Fedora.
Close what ever ones you want, it's not a problem in Fedora.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:2237 https://rhn.redhat.com/errata/RHSA-2015-2237.html |