[Mono-bugs] [Bug 647493] New: CVE-2007-5197 not actually fixed, BigInteger unsafe code overflow remains in all versions incl git master
bugzilla_noreply at novell.com
Mon Oct 18 15:13:14 EDT 2010
https://bugzilla.novell.com/show_bug.cgi?id=647493
https://bugzilla.novell.com/show_bug.cgi?id=647493#c0
Summary: CVE-2007-5197 not actually fixed, BigInteger unsafe
code overflow remains in all versions incl git master
Classification: Mono
Product: Mono: Class Libraries
Version: SVN
Platform: x86-64
OS/Version: Ubuntu
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Mono.Security
AssignedTo: spouliot at novell.com
ReportedBy: directhex at apebox.org
QAContact: mono-bugs at lists.ximian.com
Found By: ---
Blocker: ---
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.3
(KHTML, like Gecko) Ubuntu/10.10 Chromium/6.0.472.63 Chrome/6.0.472.63
Safari/534.3
At some point in the past, some wires were crossed.
As a result,
http://www.mono-project.com/Vulnerabilities#BigInteger_unsafe_code_overflow
reports that CVE-2007-5197 was fixed in Mono 1.2.5.1 - it was actually FOUND in
1.2.5.1, and has never been fixed upstream. Pretty much every distro out there
has simply been patching it downstream since 2007.
It should probably get fixed.
Reproducible: Always
Steps to Reproduce:
1. Use upstream Mono
2. Be insecure
Fix is in
http://git.debian.org/?p=pkg-mono/packages/mono.git;a=commitdiff;h=252840544847bf18c954ec3e07590dbad375a392
or any number of other downstream distro patch databases