oss-sec mailing list archives
Re: Stefan Esser's 0day PHP SysCan flaw
From: Raphael Geissert <geissert () debian org>
Date: Wed, 30 Jun 2010 10:32:13 -0500
Raphael Geissert wrote:
Here's a public, limited, explanation: http://php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage- deserialization-use-after-free-vulnerability/
And the fix by upstream: http://svn.php.net/viewvc?view=revision&revision=300843 Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- Stefan Esser's 0day PHP SysCan flaw Josh Bressers (Jun 18)
- Re: Stefan Esser's 0day PHP SysCan flaw Raphael Geissert (Jun 27)
- Re: Stefan Esser's 0day PHP SysCan flaw Raphael Geissert (Jun 30)
- Re: Re: Stefan Esser's 0day PHP SysCan flaw Pierre Joye (Jun 30)
- Re: Stefan Esser's 0day PHP SysCan flaw Raphael Geissert (Jun 30)
- Re: Stefan Esser's 0day PHP SysCan flaw Raphael Geissert (Jun 27)