oss-sec mailing list archives
Fwd: CVE for PHP 5.5.36 issues
From: Lior Kaplan <kaplanlior () gmail com>
Date: Wed, 25 May 2016 10:51:15 +0300
Hi, Please assign CVE for the following issues, expected to be part of PHP 5.5.36 Code at http://git.php.net/?p=php-src.git;a=shortlog;h=refs/heads/PHP-5.5 #72227 is a backport from upstream, so we'd prefer to reuse their CVE (if already exists). #72135 and 72114 are PHP 5.x only bugs. Thanks, Kaplan ---------- Forwarded message ---------- From: Lior Kaplan <kaplanlior () gmail com> Date: Wed, May 25, 2016 at 12:55 AM Subject: CVE for PHP 5.5.36 issues ? To: "security () php net" <security () php net> Following my mail bellow from last week, these are the issues which got fixed in the security repository for PHP 5.5. commit 7a1aac3343af85b4af4df5f8844946eaa27394ab Author: Stanislav Malyshev <stas () php net> Date: Mon May 23 00:28:02 2016 -0700 Fixed bug #72227: imagescale out-of-bounds read Ported from https://github.com/libgd/libgd/commit/4f65a3e4eedaffa1efcf9ee1eb08f0b504fbc31a commit 97eff7eb57fc2320c267a949cffd622c38712484 Author: Stanislav Malyshev <stas () php net> Date: Sun May 22 17:49:02 2016 -0700 Fix bug #72241: get_icu_value_internal out-of-bounds read commit 0da8b8b801f9276359262f1ef8274c7812d3dfda Author: Stanislav Malyshev <stas () php net> Date: Sun May 15 23:26:51 2016 -0700 Fix bug #72135 - don't create strings with lengths outside int range commit abd159cce48f3e34f08e4751c568e09677d5ec9c Author: Stanislav Malyshev <stas () php net> Date: Mon May 9 21:55:29 2016 -0700 Fix bug #72114 - int/size_t confusion in fread
Current thread:
- Fwd: CVE for PHP 5.5.36 issues Lior Kaplan (May 25)
- Re: Fwd: CVE for PHP 5.5.36 issues cve-assign (May 26)