oss-sec mailing list archives
Re: CVE Request: PHP 5.6.6 changelog
From: Francisco Alonso <falonsoe () redhat com>
Date: Wed, 11 Mar 2015 06:45:30 -0400 (EDT)
Hi again, Please as upstream has not flagged these bugs as security. Just ask if the CVE identifiers have been requested before (It is not necessary to assign them yet). Thank you. Francisco Alonso / Red Hat Product Security PGP: 0xA026440E 0825 020C 7A5A 4F86 9038 B1C8 5562 688F A026 440E ----- Original Message -----
From: "Francisco Alonso" <falonsoe () redhat com> To: oss-security () lists openwall com Cc: cve-assign () mitre org Sent: Tuesday, March 10, 2015 10:16:26 AM Subject: CVE Request: PHP 5.6.6 changelog Hi, Could a CVE be please assigned to the following issues? [3] (in case it was not requested to MITRE before): [1] PHP: heap buffer overflow in enchant_broker_request_dict() : https://bugs.php.net/bug.php?id=68552 http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803 https://bugzilla.redhat.com/show_bug.cgi?id=1194737 [2] PHP: Double free with disabled ZMM: https://bugs.php.net/bug.php?id=68827 http://git.php.net/?p=php-src.git;a=commit;h=91aa340180eccfc15d4a143b54d47b8120f898be https://bugzilla.redhat.com/show_bug.cgi?id=1194741 [3] PHP: use after free in phar_object.c https://bugs.php.net/bug.php?id=68901 http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b https://bugzilla.redhat.com/show_bug.cgi?id=1194747 Thank you Francisco Alonso / Red Hat Product Security PGP: 0xA026440E 0825 020C 7A5A 4F86 9038 B1C8 5562 688F A026 440E
Current thread:
- CVE Request: PHP 5.6.6 changelog Francisco Alonso (Mar 10)
- Re: CVE Request: PHP 5.6.6 changelog Francisco Alonso (Mar 11)
- Re: Re: CVE Request: PHP 5.6.6 changelog Joshua Rogers (Mar 11)
- Re: CVE Request: PHP 5.6.6 changelog cve-assign (Mar 15)
- Re: CVE Request: PHP 5.6.6 changelog Francisco Alonso (Mar 11)