[php-maint] Bug#751364: php5: heap-based buffer overflow in DNS TXT record parsing
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 12 06:19:38 UTC 2014
Source: php5
Severity: grave
Tags: security upstream
Hi
A heap-based buffer overflow was commited in [1], Red Hat Bugzilla
reference at [2].
[1] https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1108447
A CVE assignment is pending. Could you also mark affected versions for
the BTS? From a quick(!) look it seems that all versions have the
vulnerable code present.
Regards,
Salvatore
More information about the pkg-php-maint
mailing list