oss-sec mailing list archives
CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0
From: Lior Kaplan <kaplanlior () gmail com>
Date: Mon, 12 Dec 2016 12:13:45 +0200
Hi, Please assign a CVE for the following issues: Fixed in PHP 5.6.28, 7.0.13 and 7.1.0: Bug #72696 imagefilltoborder stackoverflow on truecolor images https://bugs.php.net/bug.php?id=72696 https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1 Fixed in PHP 5.6.28, 7.0.13 and 7.1.0: Bug #73331 NULL Pointer Dereference in WDDX Packet Deserialization with PDORow https://bugs.php.net/bug.php?id=73331 https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d Fixed in PHP 5.6.29 and 7.0.14: Bug #73631 Invalid read when wddx decodes empty boolean element https://bugs.php.net/bug.php?id=73631 https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0 Fixed in PHP 7.0.14 and 7.1.0: Bug #72978 Use After Free in PHP7 unserialize() https://bugs.php.net/bug.php?id=72978 https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17 Kaplan
Current thread:
- CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0 Lior Kaplan (Dec 12)
- Re: CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0 cve-assign (Dec 12)