Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 17 Apr 2015 05:06:32 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: oss-security@...ts.openwall.com
CC: cve-assign@...re.org, security@....net
Subject: CVE Request: PHP potential remote code execution with apache 2.4
 apache2handler

Hello,

PHP 5.4.40, 5.5.24 and 5.6.8 fixed a potential remote code execution
vulnerability when used with the Apache 2.4 apache2handler.

https://bugs.php.net/bug.php?id=69218
https://bugs.php.net/bug.php?id=68486 (still private)

Fixed by:

http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7

Could a CVE please be assigned to this issue?

Thanks,

Marc.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ