Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 08 Jan 2015 22:11:09 +1100
From: Joshua Rogers <>
Subject: CVE Request: PHP


I'm requesting multiple CVE-ID's for multiple vulnerabilities in PHP
that I found:


CVE Request 1:

Use after free in 'opcache' component of PHP
Bug report:
Commit fix:;a=commit;h=777c39f4042327eac4b63c7ee87dc1c7a09a3115

CVE Request 2:

Uninitalized Pointer Read in PHP core('fopen()')
Bug report:
Commit fix:;a=commit;h=7ebdc8d70d7617f2c3353b027663ef54a24a2248

CVE Request 3:
Uninitalized Pointer Read in PHP core
Bug report:
Commit fix:;a=commit;h=f3ea1b0b6a42a08093bf9191ad76fb4b5e0a653b

CVE Request 4:
Null Pointer Deference in pgsql
Bug report:
Commit fix:;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e

CVE Request 5:
Null Pointer Deference in ereg(regex)
Bug report:
Commit fix:;a=commit;h=124fb22a13fafa3648e4e15b4f207c7096d8155e

-- Joshua Rogers <>

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.