Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 23 Jun 2016 08:29:29 -0400 (EDT)
From: cve-assign@...re.org
To: kaplanlior@...il.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE for PHP 5.5.37 issues

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> GD:
>     Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in
>     heap overflow). (Pierre)
> 
> https://bugs.php.net/bug.php?id=72339
> http://git.php.net/?p=php-src.git;a=commitdiff;h=7722455726bec8c53458a32851d2a87982cf0eac

Use CVE-2016-5766.


> GD:
>     Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
>     in heap overflow). (Pierre)
> 
> https://bugs.php.net/bug.php?id=72446
> http://git.php.net/?p=php-src.git;a=commitdiff;h=c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6

Use CVE-2016-5767.


> - mbstring:
>      Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)
> 
> https://bugs.php.net/bug.php?id=72402
> http://git.php.net/?p=php-src.git;a=commitdiff;h=5b597a2e5b28e2d5a52fc1be13f425f08f47cb62

Use CVE-2016-5768.


> - mcrypt:
>      Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)
> 
> https://bugs.php.net/bug.php?id=72455
> http://git.php.net/?p=php-src.git;a=commitdiff;h=6c5211a0cef0cc2854eaa387e0eb036e012904d0

Use CVE-2016-5769 for both the mcrypt_generic issue and the mdecrypt_generic issue.


> - SPL:
>     Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
> 
> https://bugs.php.net/bug.php?id=72262
> http://git.php.net/?p=php-src.git;a=commitdiff;h=7245bff300d3fa8bacbef7897ff080a6f1c23eba

Use CVE-2016-5770.


> SPL:
>     Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and
>     unserialize). (Dmitry)
> 
> https://bugs.php.net/bug.php?id=72433
> http://git.php.net/?p=php-src.git;a=commitdiff;h=3f627e580acfdaf0595ae3b115b8bec677f203ee

Use CVE-2016-5771. Note that, unlike bug #72434, this does not affect PHP 7.x.


> - WDDX:
>     Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)
> 
> https://bugs.php.net/bug.php?id=72340
> http://git.php.net/?p=php-src.git;a=commitdiff;h=a44c89e8af7c2410f4bfc5e097be2a5d0639a60c

Use CVE-2016-5772.


> - zip:
>     Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
>     algorithm and unserialize). (Dmitry)
> 
> https://bugs.php.net/bug.php?id=72434
> http://git.php.net/?p=php-src.git;a=commitdiff;h=f6aef68089221c5ea047d4a74224ee3deead99a6

Use CVE-2016-5773. Note that, unlike bug #72433, this does affect PHP 7.x.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXa9W9AAoJEHb/MwWLVhi21HQP/2TrLMSE66XNehUsc3fp1RhQ
W6Gx2uqOuNt5ueNZE8lSj1WB6HKDQc9gaUIAK6W0G/XFZqg9NNii1w//6zyMAAo6
IOLjcHAOiqxHdqzlg5pHcGjV9tCzshARcE22Uu3A3BljVUycv2CdBFgwGsGAV4FU
rx5YH2C/9pDiuN2rnN/rsD87TYJ3krciTX4tF+AV3EQSkhQYyy8nWIxMsKlV2DsC
DaIaOvB9/10ySOyn5nQ3/2ViTO46LKCI/S7PHuhe6dAQfhXTIllKPRDB8z4dm1YD
WA7o3TzrF+j4wlV2hrZ+VTLIgTkI3uuzqJHisp0vuYo3/PlIqP0FNKwNiM9v31lO
7ivHLnfTVPoCcZCWtS83L6uh/GlkUy8L6k3NZdhcMmdbHp2cp3N7zyfue1WNvD3x
m1bWL41a+VQgxF/jXHUaj814fioA8Rhe/8eXjjYRYmf0UWwEo50M4wQU1gvHm9vT
P+6TvfvlzOIJkLQ1o1prnWRuQhH3BIeHeXJp8k6m+ujHi2orV4zyHJ2E33/pzUP5
+n6deBFsZ7J2z6U4BmaGbMjTgxOKIgrKf10VHW3elVpobwCgS57H7O2I3sLlJqjS
RW70mCPmUYvIbC4nxQsO2kVkbQaERmDItzY70j0zOOBa1+e4ZjpnWHGEBtp56QKg
TF8nawWbJSDCxXEIbb7U
=VMyi
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.