Date: Thu, 4 Dec 2008 13:43:46 -0800 From: David Remahl <dremahl@...le.com> To: oss-security@...ts.openwall.com, "Steven M. Christey" <coley@...us.mitre.org> Subject: CVE for SE-2008-06 in PHP 5.2.7 (ZipArchive) http://www.sektioneins.de/advisories/SE-2008-06.txt PHP 5.2.7 addresses several CVEs that are listed in the NEWS file. Apparently, it also addresses the above bug, but no CVE has been assigned: - Fixed extraction of zip files or directories when the entry name is a relative path. (Pierre) The advisory from Stefan also does not contain a CVE. Steve, please assign / Regards, David
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.