Source: php5 Severity: grave Tags: security upstream Hi
A heap-based buffer overflow was commited in [1], Red Hat Bugzilla reference at [2]. [1] https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1108447 A CVE assignment is pending. Could you also mark affected versions for the BTS? From a quick(!) look it seems that all versions have the vulnerable code present. Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
