Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 11 Jul 2013 12:03:26 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Jan Lieskovsky <jlieskov@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE Request - php 5.3.27 fixing heap corruption
 in the XML parser

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/11/2013 11:23 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
>   PHP upstream has released 5.3.27 version:
>   [1] http://php.net/archive/2013.php#id2013-07-11-1
> 
> correcting one security flaw (upstream bug #65236):
> [2] http://php.net/ChangeLog-5.php
> [3] https://bugs.php.net/bug.php?id=65236
> 
> Could you allocate a CVE id for this?
> 
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team
> 

Please use CVE-2013-4113 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJR3vNuAAoJEBYNRVNeJnmTnuUP/i5uZVYMONCBm0Zqo8wJr+Aa
94cXOcpNdkgXa71vI0JqUq/BqNScqoq2TFqi4c+L5Qi6jIYELpGcFBf4zkOAw1l7
FQ8VtT4EOIQLyBflPdvs8frBmYWe3NH0hlplgihMEq2Ih8k+W2H3afe29HXGv5tz
XnURgR2zpQr+sATZNoSNmSITVETcD1gxGDCxCYl5FAHOo549zqh1wmw8Jgba+B5U
kvVXLs/DHu9NpB9B0PB9SWMtxQSkG2WRcuMI/C4Zc0EliG9YoC9BM24S1L1OLisn
iH8IqjeTqSUgwcW+BWOgYC0G1CRIBGVB04Ua6NHo34aT3mq8IasEWFIo1d3MQFPz
4YofelrZlhjNwCTX1MXYbF5hRfEqpOnZj4+NLfwVjllQ4tWGawwwXA3vOLXQK18l
XKEh42C/4Jc2PkM90DsxZUPAEnmslpPaXZdyevfvuB4kSZhKRMneH39DP941m14/
GnKXcB2hm4PzFba1dP56YoX8/tEu2qXJYQ879F1wOGBW9tD87kxDnKU5UzqFgmiG
Lk+mhF9EtjSfoYFOeIhIlKWbqlrve8vk5sYgmouMhPhQbRo6ZDpQXpA+7tbSIOmF
xVhQa1gMq2IdFYkVZmJPegK3eBobnO/bpVKzj6RszGVqipFzxTpNXivinkdQT/XI
A0YzJ9NUbVrmvOYFyn6U
=DfQX
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ