Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 17 Apr 2015 05:06:32 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: oss-security@...ts.openwall.com
CC: cve-assign@...re.org, security@....net
Subject: CVE Request: PHP potential remote code execution with apache 2.4
 apache2handler

Hello,

PHP 5.4.40, 5.5.24 and 5.6.8 fixed a potential remote code execution
vulnerability when used with the Apache 2.4 apache2handler.

https://bugs.php.net/bug.php?id=69218
https://bugs.php.net/bug.php?id=68486 (still private)

Fixed by:

http://git.php.net/?p=php-src.git;a=commit;h=809610f5ea38a83b284e1125d1fff129bdd615e7

Could a CVE please be assigned to this issue?

Thanks,

Marc.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.