Bug 854880 (CVE-2013-6420) - VUL-0: CVE-2013-6420: php: memory corruption in openssl_parse_x509
Summary: VUL-0: CVE-2013-6420: php: memory corruption in openssl_parse_x509
Status: RESOLVED FIXED
Alias: CVE-2013-6420
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Importance: P3 - Medium, Normal
Target Milestone: ---
Deadline: 2014-06-26
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:sle11-sp1:55583 maint:...
Keywords:
Depends on:
Blocks:
 
Reported: 2013-12-11 08:06 UTC by Sebastian Krahmer
Modified: 2020-05-18 11:53 UTC
CC List: 1 user

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Comment 1 Sebastian Krahmer 2013-12-11 10:07:45 UTC
Do you know which products are affected by this?
Comment 2 Petr Gajdos 2013-12-11 12:58:34 UTC
git commit testcase included
http://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415
Comment 3 Petr Gajdos 2013-12-11 13:00:44 UTC
My rough estimate is that it affects even php 5.2 (thus all products affected).
I'll test tomorrow via testcase.
Comment 4 Petr Gajdos 2013-12-12 13:43:01 UTC
Tested 5.2.14, 5.3.17 and 5.4.20, all affected.
Comment 5 Petr Gajdos 2013-12-13 13:21:16 UTC
Update is prepared in obs/ibs home:pgajdos:maintenance:php5, waiting for bug 853134 resolution.
Comment 6 Swamp Workflow Management 2013-12-16 09:55:54 UTC
The SWAMPID for this issue is 55481.
This issue was rated as moderate.
Please submit fixed packages until 2013-12-30.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 7 Petr Gajdos 2013-12-17 12:53:59 UTC
packages submitted
Comment 9 Bernhard Wiedemann 2013-12-18 12:00:22 UTC
This is an autogenerated message for OBS integration:
This bug (854880) was mentioned in
https://build.opensuse.org/request/show/211382 Factory / php5
Comment 10 Swamp Workflow Management 2013-12-27 09:04:43 UTC
openSUSE-SU-2013:1963-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 837746,853045,854880
CVE References: CVE-2013-4248,CVE-2013-6420,CVE-2013-6712
Sources used:
openSUSE 13.1 (src):    php5-5.4.20-4.1
openSUSE 12.3 (src):    php5-5.3.17-3.8.1
openSUSE 12.2 (src):    php5-5.3.15-1.20.1
Comment 11 Swamp Workflow Management 2013-12-27 10:04:40 UTC
openSUSE-SU-2013:1964-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 837746,853045,854880
CVE References: CVE-2013-4248,CVE-2013-6420,CVE-2013-6712
Sources used:
openSUSE 11.4 (src):    php5-5.3.5-359.1
Comment 12 Sebastian Krahmer 2014-01-14 09:56:39 UTC
released
Comment 13 Swamp Workflow Management 2014-01-14 15:04:22 UTC
Update released for: apache2-mod_php5, php5, php5-bcmath, php5-bz2, php5-calendar, php5-ctype, php5-curl, php5-dba, php5-dbase, php5-debuginfo, php5-devel, php5-dom, php5-exif, php5-fastcgi, php5-ftp, php5-gd, php5-gettext, php5-gmp, php5-hash, php5-iconv, php5-imap, php5-json, php5-ldap, php5-mbstring, php5-mcrypt, php5-mhash, php5-mysql, php5-ncurses, php5-odbc, php5-openssl, php5-pcntl, php5-pdo, php5-pear, php5-pgsql, php5-posix, php5-pspell, php5-readline, php5-shmop, php5-snmp, php5-soap, php5-sockets, php5-sqlite, php5-suhosin, php5-sysvmsg, php5-sysvsem, php5-sysvshm, php5-tidy, php5-tokenizer, php5-wddx, php5-xmlreader, php5-xmlrpc, php5-xmlwriter, php5-xsl, php5-zip, php5-zlib
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 14 Swamp Workflow Management 2014-01-14 15:04:45 UTC
Update released for: apache2-mod_php5, php5, php5-bcmath, php5-bz2, php5-calendar, php5-ctype, php5-curl, php5-dba, php5-dbase, php5-debuginfo, php5-debugsource, php5-devel, php5-dom, php5-exif, php5-fastcgi, php5-ftp, php5-gd, php5-gettext, php5-gmp, php5-hash, php5-iconv, php5-imap, php5-json, php5-ldap, php5-mbstring, php5-mcrypt, php5-mysql, php5-ncurses, php5-odbc, php5-openssl, php5-pcntl, php5-pdo, php5-pear, php5-pgsql, php5-posix, php5-pspell, php5-readline, php5-shmop, php5-snmp, php5-soap, php5-sockets, php5-sqlite, php5-suhosin, php5-sysvmsg, php5-sysvsem, php5-sysvshm, php5-tidy, php5-tokenizer, php5-wddx, php5-xmlreader, php5-xmlrpc, php5-xmlwriter, php5-xsl, php5-zip, php5-zlib
Products:
SLE-SERVER 11-SP1-TERADATA (x86_64)
Comment 15 Swamp Workflow Management 2014-01-14 15:48:11 UTC
Update released for: apache2-mod_php53, php53, php53-bcmath, php53-bz2, php53-calendar, php53-ctype, php53-curl, php53-dba, php53-debuginfo, php53-debugsource, php53-devel, php53-dom, php53-enchant, php53-exif, php53-fastcgi, php53-fileinfo, php53-fpm, php53-ftp, php53-gd, php53-gettext, php53-gmp, php53-iconv, php53-imap, php53-intl, php53-json, php53-ldap, php53-mbstring, php53-mcrypt, php53-mysql, php53-odbc, php53-openssl, php53-pcntl, php53-pdo, php53-pear, php53-pgsql, php53-phar, php53-posix, php53-pspell, php53-readline, php53-shmop, php53-snmp, php53-soap, php53-sockets, php53-sqlite, php53-suhosin, php53-sysvmsg, php53-sysvsem, php53-sysvshm, php53-tidy, php53-tokenizer, php53-wddx, php53-xmlreader, php53-xmlrpc, php53-xmlwriter, php53-xsl, php53-zip, php53-zlib
Products:
SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-SDK 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP3 (i386, x86_64)
Comment 16 Swamp Workflow Management 2014-01-14 15:52:52 UTC
Update released for: apache2-mod_php5, php5, php5-bcmath, php5-bz2, php5-calendar, php5-ctype, php5-curl, php5-dba, php5-dbase, php5-debuginfo, php5-debugsource, php5-devel, php5-dom, php5-exif, php5-fastcgi, php5-ftp, php5-gd, php5-gettext, php5-gmp, php5-hash, php5-iconv, php5-imap, php5-json, php5-ldap, php5-mbstring, php5-mcrypt, php5-mysql, php5-ncurses, php5-odbc, php5-openssl, php5-pcntl, php5-pdo, php5-pear, php5-pgsql, php5-posix, php5-pspell, php5-readline, php5-shmop, php5-snmp, php5-soap, php5-sockets, php5-sqlite, php5-suhosin, php5-sysvmsg, php5-sysvsem, php5-sysvshm, php5-tidy, php5-tokenizer, php5-wddx, php5-xmlreader, php5-xmlrpc, php5-xmlwriter, php5-xsl, php5-zip, php5-zlib
Products:
SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SDK 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP2 (i386, x86_64)
Comment 17 Swamp Workflow Management 2014-01-14 16:06:02 UTC
Update released for: apache2-mod_php53, php53, php53-bcmath, php53-bz2, php53-calendar, php53-ctype, php53-curl, php53-dba, php53-debuginfo, php53-debugsource, php53-devel, php53-dom, php53-enchant, php53-exif, php53-fastcgi, php53-fileinfo, php53-fpm, php53-ftp, php53-gd, php53-gettext, php53-gmp, php53-iconv, php53-imap, php53-intl, php53-json, php53-ldap, php53-mbstring, php53-mcrypt, php53-mysql, php53-odbc, php53-openssl, php53-pcntl, php53-pdo, php53-pear, php53-pgsql, php53-phar, php53-posix, php53-pspell, php53-readline, php53-shmop, php53-snmp, php53-soap, php53-sockets, php53-sqlite, php53-suhosin, php53-sysvmsg, php53-sysvsem, php53-sysvshm, php53-tidy, php53-tokenizer, php53-wddx, php53-xmlreader, php53-xmlrpc, php53-xmlwriter, php53-xsl, php53-zip, php53-zlib
Products:
SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SDK 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP2 (i386, x86_64)
Comment 18 Swamp Workflow Management 2014-01-14 19:04:32 UTC
SUSE-SU-2014:0062-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 837746,854880
CVE References: CVE-2013-4248,CVE-2013-6420
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP2 (src):    php5-5.2.14-0.7.30.50.1
SUSE Linux Enterprise Server 11 SP2 for VMware (src):    php5-5.2.14-0.7.30.50.1
SUSE Linux Enterprise Server 11 SP2 (src):    php5-5.2.14-0.7.30.50.1
Comment 19 Swamp Workflow Management 2014-01-14 19:05:20 UTC
SUSE-SU-2014:0063-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 837746,842676,853045,854880
CVE References: CVE-2013-4248,CVE-2013-6420,CVE-2013-6712
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    php53-5.3.17-0.17.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    php53-5.3.17-0.17.1
SUSE Linux Enterprise Server 11 SP3 (src):    php53-5.3.17-0.17.1
Comment 20 Swamp Workflow Management 2014-01-14 20:04:20 UTC
SUSE-SU-2014:0064-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 854880
CVE References: CVE-2013-4248,CVE-2013-6420,CVE-2013-6712
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP2 (src):    php53-5.3.8-0.43.1
SUSE Linux Enterprise Server 11 SP2 for VMware (src):    php53-5.3.8-0.43.1
SUSE Linux Enterprise Server 11 SP2 (src):    php53-5.3.8-0.43.1
Comment 21 Swamp Workflow Management 2014-06-12 15:26:42 UTC
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-06-26.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/57809
Comment 22 Swamp Workflow Management 2014-07-04 19:54:35 UTC
Update released for: apache2-mod_php5, php5, php5-bcmath, php5-bz2, php5-calendar, php5-ctype, php5-curl, php5-dba, php5-dbase, php5-debuginfo, php5-devel, php5-dom, php5-exif, php5-fastcgi, php5-ftp, php5-gd, php5-gettext, php5-gmp, php5-hash, php5-iconv, php5-imap, php5-json, php5-ldap, php5-mbstring, php5-mcrypt, php5-mhash, php5-mysql, php5-ncurses, php5-odbc, php5-openssl, php5-pcntl, php5-pdo, php5-pear, php5-pgsql, php5-posix, php5-pspell, php5-readline, php5-shmop, php5-snmp, php5-soap, php5-sockets, php5-sqlite, php5-suhosin, php5-sysvmsg, php5-sysvsem, php5-sysvshm, php5-tidy, php5-tokenizer, php5-wddx, php5-xmlreader, php5-xmlrpc, php5-xmlwriter, php5-xsl, php5-zip, php5-zlib
Products:
SLE-DEBUGINFO 10-SP3 (i386, s390x, x86_64)
SLE-SERVER 10-SP3-LTSS (i386, s390x, x86_64)
Comment 23 Swamp Workflow Management 2014-07-04 20:50:45 UTC
Update released for: apache2-mod_php5, php5, php5-bcmath, php5-bz2, php5-calendar, php5-ctype, php5-curl, php5-dba, php5-dbase, php5-debuginfo, php5-devel, php5-dom, php5-exif, php5-fastcgi, php5-ftp, php5-gd, php5-gettext, php5-gmp, php5-hash, php5-iconv, php5-imap, php5-json, php5-ldap, php5-mbstring, php5-mcrypt, php5-mhash, php5-mysql, php5-ncurses, php5-odbc, php5-openssl, php5-pcntl, php5-pdo, php5-pear, php5-pgsql, php5-posix, php5-pspell, php5-readline, php5-shmop, php5-snmp, php5-soap, php5-sockets, php5-sqlite, php5-suhosin, php5-sysvmsg, php5-sysvsem, php5-sysvshm, php5-tidy, php5-tokenizer, php5-wddx, php5-xmlreader, php5-xmlrpc, php5-xmlwriter, php5-xsl, php5-zip, php5-zlib
Products:
SLE-DEBUGINFO 10-SP4 (i386, s390x, x86_64)
SLE-SERVER 10-SP4-LTSS (i386, s390x, x86_64)
Comment 24 Swamp Workflow Management 2014-07-05 00:05:28 UTC
SUSE-SU-2014:0873-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 837746,854880,868624,882992
CVE References: CVE-2013-4248,CVE-2013-6420,CVE-2014-2497,CVE-2014-4049
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    php5-5.2.14-0.48.1
SUSE Linux Enterprise Server 10 SP3 LTSS (src):    php5-5.2.14-0.48.1
Comment 25 Swamp Workflow Management 2014-07-07 13:51:33 UTC
Update released for: apache2-mod_php5, php5, php5-bcmath, php5-bz2, php5-calendar, php5-ctype, php5-curl, php5-dba, php5-dbase, php5-debuginfo, php5-debugsource, php5-devel, php5-dom, php5-exif, php5-fastcgi, php5-ftp, php5-gd, php5-gettext, php5-gmp, php5-hash, php5-iconv, php5-imap, php5-json, php5-ldap, php5-mbstring, php5-mcrypt, php5-mysql, php5-ncurses, php5-odbc, php5-openssl, php5-pcntl, php5-pdo, php5-pear, php5-pgsql, php5-posix, php5-pspell, php5-readline, php5-shmop, php5-snmp, php5-soap, php5-sockets, php5-sqlite, php5-suhosin, php5-sysvmsg, php5-sysvsem, php5-sysvshm, php5-tidy, php5-tokenizer, php5-wddx, php5-xmlreader, php5-xmlrpc, php5-xmlwriter, php5-xsl, php5-zip, php5-zlib
Products:
SLE-DEBUGINFO 11-SP1 (i386, s390x, x86_64)
SLE-SERVER 11-SP1-LTSS (i386, s390x, x86_64)
Comment 26 Swamp Workflow Management 2014-07-07 17:05:03 UTC
SUSE-SU-2014:0873-2: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 837746,854880,868624,882992
CVE References: CVE-2013-4248,CVE-2013-6420,CVE-2014-2497,CVE-2014-4049
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    php5-5.2.14-0.7.30.54.1