Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 10 Mar 2015 10:16:26 -0400 (EDT)
From: Francisco Alonso <falonsoe@...hat.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: CVE Request: PHP 5.6.6 changelog

Hi,

Could a CVE be please assigned to the following issues? [3] (in case it was
not requested to MITRE before):

[1] PHP: heap buffer overflow in enchant_broker_request_dict() :
https://bugs.php.net/bug.php?id=68552
http://svn.php.net/viewvc/pecl/enchant/trunk/enchant.c?r1=317600&r2=335803
https://bugzilla.redhat.com/show_bug.cgi?id=1194737


[2] PHP: Double free with disabled ZMM:
https://bugs.php.net/bug.php?id=68827
http://git.php.net/?p=php-src.git;a=commit;h=91aa340180eccfc15d4a143b54d47b8120f898be
https://bugzilla.redhat.com/show_bug.cgi?id=1194741


[3] PHP: use after free in phar_object.c
https://bugs.php.net/bug.php?id=68901
http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b
https://bugzilla.redhat.com/show_bug.cgi?id=1194747


Thank you

Francisco Alonso / Red Hat Product Security
PGP: 0xA026440E 0825 020C 7A5A 4F86 9038  B1C8 5562 688F A026 440E

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ