Date: Wed, 25 May 2016 10:51:15 +0300 From: Lior Kaplan <kaplanlior@...il.com> To: cve-assign@...re.org Cc: oss-security@...ts.openwall.com Subject: Fwd: CVE for PHP 5.5.36 issues Hi, Please assign CVE for the following issues, expected to be part of PHP 5.5.36 Code at http://git.php.net/?p=php-src.git;a=shortlog;h=refs/heads/PHP-5.5 #72227 is a backport from upstream, so we'd prefer to reuse their CVE (if already exists). #72135 and 72114 are PHP 5.x only bugs. Thanks, Kaplan ---------- Forwarded message ---------- From: Lior Kaplan <kaplanlior@...il.com> Date: Wed, May 25, 2016 at 12:55 AM Subject: CVE for PHP 5.5.36 issues ? To: "security@....net" <security@....net> Following my mail bellow from last week, these are the issues which got fixed in the security repository for PHP 5.5. commit 7a1aac3343af85b4af4df5f8844946eaa27394ab Author: Stanislav Malyshev <stas@....net> Date: Mon May 23 00:28:02 2016 -0700 Fixed bug #72227: imagescale out-of-bounds read Ported from https://github.com/libgd/libgd/commit/4f65a3e4eedaffa1efcf9ee1eb08f0b504fbc31a commit 97eff7eb57fc2320c267a949cffd622c38712484 Author: Stanislav Malyshev <stas@....net> Date: Sun May 22 17:49:02 2016 -0700 Fix bug #72241: get_icu_value_internal out-of-bounds read commit 0da8b8b801f9276359262f1ef8274c7812d3dfda Author: Stanislav Malyshev <stas@....net> Date: Sun May 15 23:26:51 2016 -0700 Fix bug #72135 - don't create strings with lengths outside int range commit abd159cce48f3e34f08e4751c568e09677d5ec9c Author: Stanislav Malyshev <stas@....net> Date: Mon May 9 21:55:29 2016 -0700 Fix bug #72114 - int/size_t confusion in fread
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.