Date: Fri, 2 Sep 2016 11:42:31 +0300
From: Lior Kaplan <kaplanlior@...il.com>
To: cve-assign@...re.org
Cc: oss-security@...ts.openwall.com, "security@....net" <security@....net>
Subject: CVE assignment for PHP 5.6.25 and 7.0.10

Hello Mitre team,

Please consider CVE assignment for the following issues in PHP.

Shared between PHP 5.6.25 and 7.0.10:

Core:

Bug #72663 <https://bugs.php.net/bug.php?id=72663> Create an Unexpected
Object and Don't Invoke __wakeup() in Deserialization
Bug #72681 <https://bugs.php.net/bug.php?id=72681> PHP Session Data
Injection Vulnerability

GD:

Bug #72697 <https://bugs.php.net/bug.php?id=72697> select_colors write
out-of-bounds
Bug #72730 <https://bugs.php.net/bug.php?id=72730> imagegammacorrect allows
arbitrary write access


EXIF:

Bug #72627 <https://bugs.php.net/bug.php?id=72627> Memory Leakage In
exif_process_IFD_in_TIFF



WDDX:

Bug #72749 <https://bugs.php.net/bug.php?id=72749> wddx_deserialize allows
illegal memory access
Bug #72750 <https://bugs.php.net/bug.php?id=72750> wddx_deserialize null
dereference
Bug #72790 <https://bugs.php.net/bug.php?id=72790> wddx_deserialize null
dereference with invalid xml
Bug #72799 <https://bugs.php.net/bug.php?id=72799> wddx_deserialize null
dereference in php_wddx_pop_element


PHP 7.0.10 only:

Core:

Bug #72742 <https://bugs.php.net/bug.php?id=72742> memory allocator fails
to realloc small block to large one


cURL:

Bug #72674 <https://bugs.php.net/bug.php?id=72674> Heap overflow in
curl_escape

Thanks,

Kaplan
