Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 02 May 2008 11:02:02 -0400
From: Josh Bressers <bressers@...hat.com>
To: coley@...re.org
cc: oss-security@...ts.openwall.com
Subject: CVE Request (PHP)

So as some may have noticed, PHP 5.2.6 is out.  Most of the flaws noted in
the changelog have CVE ids, so here is the list:

* Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
    http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.44&r2=1.45&diff_format=u

* Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
  (CVE-2008-1384)
    http://cvs.php.net/viewvc.cgi/php-src/ext/standard/formatted_print.c?r1=1.104&r2=1.105&diff_format=u

* Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
    http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u

* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
  (CVE-2007-4850)

* Properly address incomplete multibyte chars inside escapeshellcmd()
  identified by Stefan Esser.
    http://cvs.php.net/viewvc.cgi/php-src/ext/standard/exec.c?r1=1.113.2.3.2.1.2.3&r2=1.113.2.3.2.1.2.4&diff_format=u

* Upgraded bundled PCRE to version 7.6 (fixes CVE-2008-0674)

Only two seem to need CVE ids:

* Fixed possible stack buffer overflow in the FastCGI SAPI identified by
  Andrei Nigmatulin.

* Properly address incomplete multibyte chars inside escapeshellcmd() 
  identified by Stefan Esser.

Steve, can you help out.

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ