oss-sec mailing list archives
CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases
From: Matthias Geerdsen <matthias () vorlons info>
Date: Mon, 11 Apr 2016 21:41:41 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, could you please provide CVE IDs for the following PHP issues fixed in the latest releases, as I have not yet seen any IDs yet: - - Buffer over-write in finfo_open with malformed magic file https://bugs.php.net/bug.php?id=71527 http://bugs.gw.com/view.php?id=522 - - Integer overflow in php_raw_url_encode https://bugs.php.net/bug.php?id=71798 https://git.php.net/?p=php-src.git;a=commit;h=95433e8e339dbb6b5d5541473c 1661db6ba2c451 - - php_snmp_error() Format String Vulnerability https://bugs.php.net/bug.php?id=71704 https://git.php.net/?p=php-src.git;a=commit;h=6e25966544fb1d2f3d7596e060 ce9c9269bbdcf8 - - Invalid memory write in phar on filename containing \0 inside name https://bugs.php.net/bug.php?id=71860 https://gist.github.com/smalyshev/80b5c2909832872f2ba2 - - AddressSanitizer: negative-size-param (-1) in mbfl_strcut https://bugs.php.net/bug.php?id=71906 https://gist.github.com/smalyshev/d8355c96a657cc5dba70 Thanks a lot Matthias -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXC/3xAAoJEDVYuxv9Aw7qdY0H/2YZdBrOs6WHe9zISeehp8eX I5E0qdqrkXXbVxjvYH+Z8BHLS5nf+vwucCoCb+5UFKIzfmwuWGn6zwF61zbHUBcM 8kLd635zX5SZROUVTYYy/bTtSD/vA3cHv4UsKHJCsUH+KkcuG3BCVVkUKiH8ayWE cfkbW4gIFHIT9JH+ciTmJ1poTc6bX0KPbchxGmfw5bgagTuntZr4JWbKbmQQugCg DYqZuldgAqZsx13klQTreFj5/ZXa4mrJPpIqkd+BV+VJlBij9qSTVnEB5FViN2tP VcW8mlAw6uCg35J7UJArShR8Ts4/TD8vU2anCUlLQKGwYuQOgBYQVV4DF5EskB0= =vqBF -----END PGP SIGNATURE-----
Current thread:
- CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases Matthias Geerdsen (Apr 11)
- Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases Salvatore Bonaccorso (Apr 21)
- Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases Marc Deslauriers (Apr 21)
- Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases cve-assign (Apr 23)
- Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases Salvatore Bonaccorso (Apr 21)