oss-sec mailing list archives
Re: CVE Request: use after free in PHP 5.6 and 7 (possibly others)
From: Mark Felder <feld () feld me>
Date: Thu, 16 Jul 2015 11:36:13 -0500
On Thu, Jul 16, 2015, at 01:24, Brian Carpenter wrote:
Bug Report: https://bugs.php.net/bug.php?id=70083
-Type: Security +Type: Bug
Interesting that they removed the Security label
PHP 5.5 and below are in sec-fixes only mode. I fixed the bug in PHP 5.6 though;
They seem to think it's not a security issue and won't be patching < 5.6 ?
Current thread:
- CVE Request: use after free in PHP 5.6 and 7 (possibly others) Brian Carpenter (Jul 15)
- Re: CVE Request: use after free in PHP 5.6 and 7 (possibly others) Mark Felder (Jul 16)