Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 12 Mar 2015 11:51:59 +1100
From: Joshua Rogers <oss@...ernot.info>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE Request: PHP 5.6.6 changelog

Reporter here of 2 bugs.


On 11/03/15 21:45, Francisco Alonso wrote:
> > [2] PHP: Double free with disabled ZMM:
> > https://bugs.php.net/bug.php?id=68827
> > http://git.php.net/?p=php-src.git;a=commit;h=91aa340180eccfc15d4a143b54d47b8120f898be
> > https://bugzilla.redhat.com/show_bug.cgi?id=1194741
> > 
Not a security vuln.


> [3] PHP: use after free in phar_object.c
> https://bugs.php.net/bug.php?id=68901
> http://git.php.net/?p=php-src.git;a=commit;h=b2cf3f064b8f5efef89bb084521b61318c71781b
> https://bugzilla.redhat.com/show_bug.cgi?id=1194747
I'm going to be honest: I can't remember why I didn't get a CVE assigned
for this.


Thanks,
-- 
-- Joshua Rogers <https://internot.info/>


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ