Date: Tue, 21 Jul 2015 21:51:01 +0200 From: Tomas Hoger <thoger@...hat.com> To: cve-assign@...re.org Cc: Vasyl Kaigorodov <vkaigoro@...hat.com>, oss-security@...ts.openwall.com, security@....net Subject: Re: CVE request: php - segmentation fault in Phar::convertToData; buffer overflow in phar_fix_filepath; On Fri, 17 Jul 2015 15:54:25 +0200 Vasyl Kaigorodov wrote: > I'd like to request a CVEs for the below issues fixed in PHP 5.5.27 > and 5.4.43 (5.6.x was not affected by those it looks like): > > Segfault in Phar::convertToData on invalid file > https://bugs.php.net/bug.php?id=69958 > http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf > > Buffer overflow and stack smashing error in phar_fix_filepath > https://bugs.php.net/bug.php?id=69923 > http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f Another fix noted in 5.6.11 / 5.5.27 / 5.4.43 is: Mysqlnd: Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM). (CVE-2015-3152) https://bugs.php.net/bug.php?id=69669 http://git.php.net/?p=php-src.git;a=commitdiff;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 It references a CVE that was assigned to MySQL / libmysqlclient. As the fix was applied to mysqlnd - re-implementation of the MySQL client - can the original BACKRONYM CVE still be used here, or is a new CVE id needed? Thank you! -- Tomas Hoger / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ