Date: Thu, 10 Mar 2016 10:42:28 +0100
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>, security@....net,
	cve-assign@...re.org
Subject: CVE Request: PHP last release security issues

Hi,

PHP released a round of security updates, but no CVEs have apparently been assigned.

from http://php.net/ChangeLog-7.php#7.0.4

	https://bugs.php.net/bug.php?id=71610	Type Confusion Vulnerability - SOAP / make_http_soap_request()

from http://php.net/ChangeLog-5.php#5.6.19
and http://php.net/ChangeLog-5.php#5.5.33

	https://bugs.php.net/bug.php?id=71498	Out-of-Bound Read in phar_parse_zipfile()
	https://bugs.php.net/bug.php?id=71587	Use-After-Free / Double-Free in WDDX Deserialize

There are more bugs in the release announcements with trigger words like
integer overflow or use-after-free, but several if not all of those need
specific PHP code, so basically self-exploitation.

Perhaps the PHP security team can fill in if I missed some or one of the above is not an issue.

Ciao, Marcus
