It was reported [1] that libhtp handling of streams in error state could lead to NULL pointer dereference, leading to caller crash. Suricata (Intrusion Detection System) embeds libhtp, and is one of the affected components [2].

[1]: https://github.com/OISF/libhtp/pull/82
[2]: https://redmine.openinfosecfoundation.org/issues/1272
Created suricata tracking bugs for this issue: Affects: fedora-all [bug 1173607]
Created libhtp tracking bugs for this issue: Affects: fedora-all [bug 1173608] Affects: epel-6 [bug 1173610]
Given that this is fixed in 0.5.16, I guess I can just push an update for it in Rawhide and F21. However, we need to check whether there were API/ABI breaks between 0.5.15 and 0.5.16, and if there were, maybe we should just backport the patch for F20 and EPEL6? In any case, I'll look at upgrading F21+ right away.
Updates were submitted almost 3 weeks ago. Can I get an ACK from the security team that they do fix the reported vulnerability?
*** Bug 1180487 has been marked as a duplicate of this bug. ***
libhtp-0.5.16-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
libhtp-0.5.6-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
libhtp-0.5.16-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
suricata-2.0.6-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
*** Bug 1180488 has been marked as a duplicate of this bug. ***
*** Bug 1180489 has been marked as a duplicate of this bug. ***