Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1633041 - (CVE-2018-17075) CVE-2018-17075 golang-org-x-net-html: Mishandle of "in frameset" causes runtime panic in html.Parse() via crafted html
CVE-2018-17075 golang-org-x-net-html: Mishandle of "in frameset" causes runti...
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20180926,repor...
: Security
Depends On: 1633042 1633043 1633044 1639106 1639107 1633045
Blocks: CVE-2018-17142 1633033
  Show dependency treegraph
 
Reported: 2018-09-26 02:14 EDT by Sam Fowler
Modified: 2018-10-19 02:21 EDT (History)
46 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Sam Fowler 2018-09-26 02:14:36 EDT 
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit.


Upstream Issue:

https://github.com/golang/go/issues/27016
https://bugs.chromium.org/p/chromium/issues/detail?id=829668


Upstream Patch:

https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50
Comment 1 Sam Fowler 2018-09-26 02:18:54 EDT 
Created heketi tracking bugs for this issue:

Affects: epel-6 [bug 1633045]
Affects: fedora-all [bug 1633044]


Created kompose tracking bugs for this issue:

Affects: fedora-all [bug 1633043]


Created origin tracking bugs for this issue:

Affects: fedora-all [bug 1633042]
Comment 2 Sam Fowler 2018-10-15 01:41:59 EDT 
Created golang-googlecode-net tracking bugs for this issue:

Affects: epel-6 [bug 1639107]
Affects: fedora-all [bug 1639106]
Comment 3 Scott Gayou 2018-10-16 17:24:44 EDT 
RHEL7 (source from roughly 2014) not affected by reproducer. Most likely occurred when the template changes were merged in 2017. (guessing https://github.com/golang/net/commit/500e7a4f953ddaf55d316b4d3adc516aa0379622)

Source analysis doesn't hint that this may be affected either, missing template etc.
Comment 4 Summer Long 2018-10-19 02:21:35 EDT 
OpenStack OpTools 8/9 grafana versions do not include net/html, which includes the flawed code. OpenStack OpTools 9 golang-googlecode-net does not have the flawed code (already fixed).
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.