Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 23 Jun 2016 08:29:29 -0400 (EDT)
From: cve-assign@...re.org
To: kaplanlior@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE for PHP 5.5.37 issues

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> GD:
>     Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
>     heap overflow). (Pierre)
> 
> https://bugs.php.net/bug.php?id=72339
> http://git.php.net/?p=php-src.git;a=commitdiff;h=7722455726bec8c53458a32851d2a87982cf0eac

Use CVE-2016-5766.


> GD:
>     Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
>     in heap overflow). (Pierre)
> 
> https://bugs.php.net/bug.php?id=72446
> http://git.php.net/?p=php-src.git;a=commitdiff;h=c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6

Use CVE-2016-5767.


> - mbstring:
>      Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)
> 
> https://bugs.php.net/bug.php?id=72402
> http://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62

Use CVE-2016-5768.


> - mcrypt:
>      Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)
> 
> https://bugs.php.net/bug.php?id=72455
> http://git.php.net/?p=php-src.git;a=commitdiff;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0

Use CVE-2016-5769 for both the mcrypt_generic issue and the mdecrypt_generic issue.


> - SPL:
>     Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
> 
> https://bugs.php.net/bug.php?id=72262
> http://git.php.net/?p=php-src.git;a=commitdiff;h=7245bff300d3fa8bacbef7897ff080a6f1c23eba

Use CVE-2016-5770.


> SPL:
>     Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
>     unserialize). (Dmitry)
> 
> https://bugs.php.net/bug.php?id=72433
> http://git.php.net/?p=php-src.git;a=commitdiff;h=3f627e580acfdaf0595ae3b115b8bec677f203ee

Use CVE-2016-5771. Note that, unlike bug #72434, this does not affect PHP 7.x.


> - WDDX:
>     Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)
> 
> https://bugs.php.net/bug.php?id=72340
> http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c

Use CVE-2016-5772.


> - zip:
>     Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
>     algorithm and unserialize). (Dmitry)
> 
> https://bugs.php.net/bug.php?id=72434
> http://git.php.net/?p=php-src.git;a=commitdiff;h=f6aef68089221c5ea047d4a74224ee3deead99a6

Use CVE-2016-5773. Note that, unlike bug #72433, this does affect PHP 7.x.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXa9W9AAoJEHb/MwWLVhi21HQP/2TrLMSE66XNehUsc3fp1RhQ
W6Gx2uqOuNt5ueNZE8lSj1WB6HKDQc9gaUIAK6W0G/XFZqg9NNii1w//6zyMAAo6
IOLjcHAOiqxHdqzlg5pHcGjV9tCzshARcE22Uu3A3BljVUycv2CdBFgwGsGAV4FU
rx5YH2C/9pDiuN2rnN/rsD87TYJ3krciTX4tF+AV3EQSkhQYyy8nWIxMsKlV2DsC
DaIaOvB9/10ySOyn5nQ3/2ViTO46LKCI/S7PHuhe6dAQfhXTIllKPRDB8z4dm1YD
WA7o3TzrF+j4wlV2hrZ+VTLIgTkI3uuzqJHisp0vuYo3/PlIqP0FNKwNiM9v31lO
7ivHLnfTVPoCcZCWtS83L6uh/GlkUy8L6k3NZdhcMmdbHp2cp3N7zyfue1WNvD3x
m1bWL41a+VQgxF/jXHUaj814fioA8Rhe/8eXjjYRYmf0UWwEo50M4wQU1gvHm9vT
P+6TvfvlzOIJkLQ1o1prnWRuQhH3BIeHeXJp8k6m+ujHi2orV4zyHJ2E33/pzUP5
+n6deBFsZ7J2z6U4BmaGbMjTgxOKIgrKf10VHW3elVpobwCgS57H7O2I3sLlJqjS
RW70mCPmUYvIbC4nxQsO2kVkbQaERmDItzY70j0zOOBa1+e4ZjpnWHGEBtp56QKg
TF8nawWbJSDCxXEIbb7U
=VMyi
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ