Date: Fri, 17 Apr 2015 05:06:32 -0400 From: Marc Deslauriers <marc.deslauriers@...onical.com> To: oss-security@...ts.openwall.com CC: cve-assign@...re.org, security@....net Subject: CVE Request: PHP potential remote code execution with apache 2.4 apache2handler Hello, PHP 5.4.40, 5.5.24 and 5.6.8 fixed a potential remote code execution vulnerability when used with the Apache 2.4 apache2handler. https://bugs.php.net/bug.php?id=69218 https://bugs.php.net/bug.php?id=68486 (still private) Fixed by: http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7 Could a CVE please be assigned to this issue? Thanks, Marc.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ