Bug 10990

Summary: php - Strict Sessions (CVE-2011-4718)
Product: Mageia Reporter: Oden Eriksson <oe>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: luigiwalser
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/564819/
Whiteboard:
Source RPM: php CVE:
Status comment:

Description Oden Eriksson 2013-08-13 09:28:27 CEST 
======================================================
Name: CVE-2011-4718
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4718
Final-Decision: 
Interim-Decision: 
Modified: 
Proposed: 
Assigned: 20111209
Category: 
Reference: MISC:https://bugs.php.net/bug.php?id=60491
Reference: MISC:https://wiki.php.net/rfc/strict_sessions
Reference: CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=169b78eb79b0e080b67f9798708eb3771c6d0b2f
Reference: CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=25e8fcc88fa20dc9d4c47184471003f436927cde

Session fixation vulnerability in the Sessions subsystem in PHP before
5.5.2 allows remote attackers to hijack web sessions by specifying a
session ID.


Reproducible: 

Steps to Reproduce:
Comment 1 Oden Eriksson 2013-08-16 12:57:15 CEST 
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=996774
Comment 2 David Walser 2013-08-16 19:06:28 CEST 
Looks like PHP 5.3 and 5.4 are also affected, looking at the last comment on the RH bug.  Not sure when there will be fixes available, might be a while.  In the meantime, PHP 5.5.2 is out, so this should be fixable in Cauldron now.
David Walser 2013-08-17 18:00:31 CEST

Summary: CVE-2011-4718: php - Strict Sessions => php - Strict Sessions (CVE-2011-4718)

Comment 3 David Walser 2013-08-26 18:49:12 CEST 
Fedora has issued an advisory for this on August 19:
https://lists.fedoraproject.org/pipermail/package-announce/2013-August/114648.html

URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4718 => http://lwn.net/Vulnerabilities/564819/

Comment 4 Oden Eriksson 2013-08-27 11:11:55 CEST 
At MDV we're taking the RH stance as of:

https://bugzilla.redhat.com/show_bug.cgi?id=996774#c4
https://bugzilla.redhat.com/show_bug.cgi?id=996774#c5

No backport for php 5.3/5.4.
Comment 5 David Walser 2013-08-27 14:58:51 CEST 
Sounds reasonable.  Since this is fixed in Cauldron, I'll mark it as FIXED.

Just a note that this is really WONTFIX for Mageia 2 and Mageia 3.

Status: NEW => RESOLVED
CC: (none) => luigiwalser
Resolution: (none) => FIXED