oss-sec mailing list archives

CVE Request: PHP potential remote code execution with apache 2.4 apache2handler

From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Fri, 17 Apr 2015 05:06:32 -0400

Hello,

PHP 5.4.40, 5.5.24 and 5.6.8 fixed a potential remote code execution
vulnerability when used with the Apache 2.4 apache2handler.

https://bugs.php.net/bug.php?id=69218
https://bugs.php.net/bug.php?id=68486 (still private)

Fixed by:

http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7

Could a CVE please be assigned to this issue?

Thanks,

Marc.

Current thread:

CVE Request: PHP potential remote code execution with apache 2.4 apache2handler Marc Deslauriers (Apr 17)
- Re: CVE Request: PHP potential remote code execution with apache 2.4 apache2handler cve-assign (Apr 17)