oss-sec mailing list archives
CVE Request: PHP/file: out-of-bounds memory access in softmagic
From: Moritz Muehlenhoff <jmm () debian org>
Date: Wed, 4 Feb 2015 19:53:36 +0100
Hi, please assign a CVE ID for this issue in file (and in the respective PHP extension): Originally reported in file: Bug report: http://bugs.gw.com/view.php?id=398 Fix: https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158 A slightly modified version is also present in PHP (it should receive the same CVE ID): Bug report: https://bugs.php.net/bug.php?id=68735 Fix: https://bugs.php.net/patch-display.php?bug=68735&patch=bug68735.patch&revision=1420309079 We've already fixed these in Debian updates (but CVE IDs haven't been available back then): file: https://lists.debian.org/debian-security-announce/2015/msg00003.html php5: https://lists.debian.org/debian-security-announce/2015/msg00008.html Cheers, Moritz
Current thread:
- CVE Request: PHP/file: out-of-bounds memory access in softmagic Moritz Muehlenhoff (Feb 04)
- Re: CVE Request: PHP/file: out-of-bounds memory access in softmagic Hanno Böck (Feb 04)
- Re: CVE Request: PHP/file: out-of-bounds memory access in softmagic cve-assign (Feb 05)
- Re: CVE Request: PHP/file: out-of-bounds memory access in softmagic cve-assign (Feb 05)
- Re: CVE Request: PHP/file: out-of-bounds memory access in softmagic Hanno Böck (Feb 04)