oss-sec mailing list archives
CVE for SE-2008-06 in PHP 5.2.7 (ZipArchive)
From: David Remahl <dremahl () apple com>
Date: Thu, 4 Dec 2008 13:43:46 -0800
http://www.sektioneins.de/advisories/SE-2008-06.txtPHP 5.2.7 addresses several CVEs that are listed in the NEWS file. Apparently, it also addresses the above bug, but no CVE has been assigned:
- Fixed extraction of zip files or directories when the entry name is a relative path. (Pierre) The advisory from Stefan also does not contain a CVE. Steve, please assign / Regards, David
Current thread:
- CVE for SE-2008-06 in PHP 5.2.7 (ZipArchive) David Remahl (Dec 04)