Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 18 Jun 2015 11:22:38 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org, security@....net
Subject: PHP 5.6.10 / 5.5.26 / 5.4.42 CVE request

Hi!

PHP 5.6.10 / 5.5.26 / 5.4.42 releases fix few issues tagged as security
in upstream bug tracker:

Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
https://bugs.php.net/bug.php?id=69646
http://git.php.net/?p=php-src.git;a=commitdiff;h=d2ac264ffea5ca2e85640b6736e0c7cd4ee9a4a9
(Windows specific)

Imroved fix for bug #69545 (Integer overflow in ftp_genlist() resulting
in heap overflow).
https://bugs.php.net/bug.php?id=69545#1431550655
http://git.php.net/?p=php-src.git;a=commitdiff;h=0765623d6991b62ffcd93ddb6be8a5203a2fa7e2
(#69545 was originally fixed in 5.4.41 / 5.5.25 / 5.6.9 and got
CVE-2015-4022, but the fix was found to be incomplete, as explained in
the upstream bug)

Fixed bug #69719 (Incorrect handling of paths with NULs).
http://bugs.php.net/69719
http://git.php.net/?p=php-src.git;a=commitdiff;h=8fc52d77d6f66c438c98d536e2309b5fd13f90de
(This already got CVE-2015-4598 assigned in
http://seclists.org/oss-sec/2015/q2/727)

Fixed bug #69667 (segfault in php_pgsql_meta_data).
https://bugs.php.net/bug.php?id=69667
http://git.php.net/?p=php-src.git;a=commitdiff;h=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
(Not security bug upstream, but we found this when testing updates with
fixes for CVE-2015-1352.  I believe the original issue that got
CVE-2015-1352 is not considered security by upstream either, so just
noting this for completeness.)

-- 
Tomas Hoger / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ