oss-sec mailing list archives
Re: CVE Request -- PHP 5 - 5.2.11
From: Nico Golde <oss-security+ml () ngolde de>
Date: Sun, 20 Sep 2009 00:30:58 +0200
Hi, * Joe Orton <jorton () redhat com> [2009-09-18 16:11]:
On Fri, Sep 18, 2009 at 03:23:43PM +0200, Nico Golde wrote:* Jan Lieskovsky <jlieskov () redhat com> [2009-09-18 13:52]:PHP has released another upstream 5.2 release, fixing four security issues: http://www.php.net/ChangeLog-5.php http://www.php.net/downloads.php Could you please allocate CVE identifiers?What is the security impact of: Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre) ?This would appear to be: http://svn.php.net/viewvc?view=revision&revision=287779 which is Windows-specific.
I was more wondering why this is a security issue rather than a bug. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- CVE Request -- PHP 5 - 5.2.11 Jan Lieskovsky (Sep 18)
- Re: CVE Request -- PHP 5 - 5.2.11 Nico Golde (Sep 18)
- Re: CVE Request -- PHP 5 - 5.2.11 Joe Orton (Sep 18)
- Re: CVE Request -- PHP 5 - 5.2.11 Nico Golde (Sep 19)
- Re: CVE Request -- PHP 5 - 5.2.11 yersinia (Sep 20)
- Re: CVE Request -- PHP 5 - 5.2.11 Steven M. Christey (Sep 21)
- Re: CVE Request -- PHP 5 - 5.2.11 Joe Orton (Sep 18)
- Re: CVE Request -- PHP 5 - 5.2.11 Nico Golde (Sep 18)