Bug 1367462 (CVE-2015-8980)

Summary: CVE-2015-8980 php-php-gettext: Arbitrary code execution in select_string, ngettext and npgettext count parameter
Product: [Other] Security Response Reporter: Andrej Nemec <anemec>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED UPSTREAM QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: macrchrd0, redhat-bugzilla, sardella, yjog
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: php-php-gettext 1.0.12 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-08 02:57:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1367463, 1367464, 1367465    
Bug Blocks:    

Description Andrej Nemec 2016-08-16 13:08:25 UTC
A code injection vulnerability was found in php-gettext. Evaluating the plural form formula in ngettext family of calls can execute arbitrary code if number is passed unsanitized from the untrusted user.

References:

http://seclists.org/fulldisclosure/2016/Aug/76

Comment 1 Andrej Nemec 2016-08-16 13:09:00 UTC
Created php53-php-gettext tracking bugs for this issue:

Affects: epel-5 [bug 1367465]

Comment 2 Andrej Nemec 2016-08-16 13:09:05 UTC
Created php-php-gettext tracking bugs for this issue:

Affects: fedora-all [bug 1367463]
Affects: epel-all [bug 1367464]

Comment 3 Andrej Nemec 2017-01-18 08:55:53 UTC
CVE assignment:

http://seclists.org/oss-sec/2017/q1/128

Comment 4 Mac 2018-10-27 10:27:16 UTC
CVE assignment

summary :

php-php-gettext-attribatary code execution, conducting code execution - CVE-2018-8986 php-php-gettext:

Comment 5 Yogendra Jog 2018-10-30 08:46:35 UTC
Hi, 

Can you please clarify what's needed here ?  

Regards
YOG.

Comment 6 Robert Scheck 2018-10-30 18:40:33 UTC
I would assume this RHBZ could be closed?

Comment 7 Product Security DevOps Team 2019-06-08 02:57:30 UTC
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.