oss-sec mailing list archives

Re: CVE Request - php 5.3.27 fixing heap corruption in the XML parser


From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 11 Jul 2013 12:03:26 -0600


On 07/11/2013 11:23 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
>
> PHP upstream has released 5.3.27 version:
> [1] http://php.net/archive/2013.php#id2013-07-11-1
>
> correcting one security flaw (upstream bug #65236):
> [2] http://php.net/ChangeLog-5.php
> [3] https://bugs.php.net/bug.php?id=65236
>
> Could you allocate a CVE id for this?
>
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team


Please use CVE-2013-4113 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

