oss-sec mailing list archives

Fwd: CVE for PHP 5.5.38 issues

From: Lior Kaplan <kaplanlior () gmail com>
Date: Sun, 24 Jul 2016 11:06:25 +0300

Hi,

PHP 5.5.38 was released over the weekend, with a few security fixes, see
list bellow (I removed issues already have CVE assigned to them).

Source code is at
http://git.php.net/?p=php-src.git;a=shortlog;h=refs/tags/php-5.5.38

- Core:
   . Fixed bug #70480 (php_url_parse_ex() buffer overflow read). (Stas)
   . Fixed bug #72513 (Stack-based buffer overflow vulnerability in
     virtual_file_ex). (loianhtuan at gmail dot com)
   . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
     Deserialization). (taoguangchen at icloud dot com)

- EXIF:
   . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
     (Stas)
   . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
     (Stas)

- Intl:
   . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)


- SNMP:
   . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
     unserialize()). (taoguangchen at icloud dot com)

- Xmlrpc:
   . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn
simplestring.c).
     (Stas)

- Zip:
   . Fixed bug #72520 (Stack-based buffer overflow vulnerability in
     php_stream_zip_opener). (loianhtuan at gmail dot com)

Thanks,

Kaplan

Current thread:

Fwd: CVE for PHP 5.5.38 issues Lior Kaplan (Jul 24)
- Re: Fwd: CVE for PHP 5.5.38 issues cve-assign (Jul 24)