Date: Thu, 16 Jul 2015 11:36:13 -0500 From: Mark Felder <feld@...d.me> To: oss-security@...ts.openwall.com Subject: Re: CVE Request: use after free in PHP 5.6 and 7 (possibly others) On Thu, Jul 16, 2015, at 01:24, Brian Carpenter wrote: > Bug Report: > https://bugs.php.net/bug.php?id=70083 > > -Type: Security > +Type: Bug Interesting that they removed the Security label > PHP 5.5 and below are in sec-fixes only mode. I fixed the bug in PHP 5.6 though; They seem to think it's not a security issue and won't be patching < 5.6 ?
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ