Bug 681195

Summary: VUL-1: php5: NumberFormatter::setSymbol crash
Product: [Novell Products] SUSE Security Incidents Reporter: Ludwig Nussel <lnussel>
Component: GeneralAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Minor    
Priority: P3 - Medium CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: maint:released:11.3:41263 maint:released:11.4:41263
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Ludwig Nussel 2011-03-21 09:17:46 UTC 
Your friendly security team received the following report via mitre.
Please respond ASAP.
The issue is public.

-------8<-------
======================================================
Name: CVE-2011-1467
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.

Reference: CONFIRM: http://www.php.net/ChangeLog-5.php
Reference: CONFIRM: http://bugs.php.net/bug.php?id=53512
Comment 1 Petr Gajdos 2011-05-31 13:22:59 UTC 
See following submit requests:
11.4:  #72274
11.3:  #72275
11sp1: #12488
10sp4: #12489
10sp3: #12490
Comment 2 Bernhard Wiedemann 2011-05-31 14:00:28 UTC 
This is an autogenerated message for OBS integration:
This bug (681195) was mentioned in
https://build.opensuse.org/request/show/72274 11.4 / php5
https://build.opensuse.org/request/show/72275 11.3 / php5
Comment 3 Swamp Workflow Management 2011-06-01 07:50:55 UTC 
The SWAMPID for this issue is 41262.
This issue was rated as moderate.
Please submit fixed packages until 2011-06-15.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 4 Swamp Workflow Management 2011-06-16 11:33:40 UTC 
Update released for: apache2-mod_php5, apache2-mod_php5-debuginfo, php5, php5-bcmath, php5-bcmath-debuginfo, php5-bz2, php5-bz2-debuginfo, php5-calendar, php5-calendar-debuginfo, php5-ctype, php5-ctype-debuginfo, php5-curl, php5-curl-debuginfo, php5-dba, php5-dba-debuginfo, php5-debuginfo, php5-debugsource, php5-devel, php5-dom, php5-dom-debuginfo, php5-enchant, php5-enchant-debuginfo, php5-exif, php5-exif-debuginfo, php5-fastcgi, php5-fastcgi-debuginfo, php5-fileinfo, php5-fileinfo-debuginfo, php5-fpm, php5-fpm-debuginfo, php5-ftp, php5-ftp-debuginfo, php5-gd, php5-gd-debuginfo, php5-gettext, php5-gettext-debuginfo, php5-gmp, php5-gmp-debuginfo, php5-hash, php5-hash-debuginfo, php5-iconv, php5-iconv-debuginfo, php5-imap, php5-imap-debuginfo, php5-intl, php5-intl-debuginfo, php5-json, php5-json-debuginfo, php5-ldap, php5-ldap-debuginfo, php5-mbstring, php5-mbstring-debuginfo, php5-mcrypt, php5-mcrypt-debuginfo, php5-mysql, php5-mysql-debuginfo, php5-odbc, php5-odbc-debuginfo, php5-openssl, php5-openssl-debuginfo, php5-pcntl, php5-pcntl-debuginfo, php5-pdo, php5-pdo-debuginfo, php5-pear, php5-pgsql, php5-pgsql-debuginfo, php5-phar, php5-phar-debuginfo, php5-posix, php5-posix-debuginfo, php5-pspell, php5-pspell-debuginfo, php5-readline, php5-readline-debuginfo, php5-shmop, php5-shmop-debuginfo, php5-snmp, php5-snmp-debuginfo, php5-soap, php5-soap-debuginfo, php5-sockets, php5-sockets-debuginfo, php5-sqlite, php5-sqlite-debuginfo, php5-suhosin, php5-suhosin-debuginfo, php5-sysvmsg, php5-sysvmsg-debuginfo, php5-sysvsem, php5-sysvsem-debuginfo, php5-sysvshm, php5-sysvshm-debuginfo, php5-tidy, php5-tidy-debuginfo, php5-tokenizer, php5-tokenizer-debuginfo, php5-wddx, php5-wddx-debuginfo, php5-xmlreader, php5-xmlreader-debuginfo, php5-xmlrpc, php5-xmlrpc-debuginfo, php5-xmlwriter, php5-xmlwriter-debuginfo, php5-xsl, php5-xsl-debuginfo, php5-zip, php5-zip-debuginfo, php5-zlib, php5-zlib-debuginfo
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 5 Ludwig Nussel 2011-06-16 11:38:34 UTC 
released
Comment 6 Bernhard Wiedemann 2011-06-17 21:00:36 UTC 
This is an autogenerated message for OBS integration:
This bug (681195) was mentioned in
https://build.opensuse.org/request/show/74083 Evergreen:11.2 / php5