|
Date: Mon, 12 Dec 2016 12:13:45 +0200 From: Lior Kaplan <kaplanlior@...il.com> To: cve-assign@...re.org Cc: "security@....net" <security@....net>, oss-security@...ts.openwall.com Subject: CVE assignment for PHP 5.6.28, 5.6.29, 7.0.13, 7.0.14 and 7.1.0 Hi, Please assign a CVE for the following issues: Fixed in PHP 5.6.28, 7.0.13 and 7.1.0: Bug #72696 imagefilltoborder stackoverflow on truecolor images https://bugs.php.net/bug.php?id=72696 https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1 Fixed in PHP 5.6.28, 7.0.13 and 7.1.0: Bug #73331 NULL Pointer Dereference in WDDX Packet Deserialization with PDORow https://bugs.php.net/bug.php?id=73331 https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d Fixed in PHP 5.6.29 and 7.0.14: Bug #73631 Invalid read when wddx decodes empty boolean element https://bugs.php.net/bug.php?id=73631 https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0 Fixed in PHP 7.0.14 and 7.1.0: Bug #72978 Use After Free in PHP7 unserialize() https://bugs.php.net/bug.php?id=72978 https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17 Kaplan
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.