FreeBSD Bugzilla – Attachment 157819 Details for
Bug 200926
security/vuxml: document lang/php5* security issues fixed in r389655
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Document php5 security issues fixed in 389655
php-vuln-xml.diff (text/plain), 2.67 KB, created by
Jason Unovitch
on 2015-06-17 02:23:27 UTC
(
hide
)
Description:
Document php5 security issues fixed in 389655
Filename:
MIME Type:
Creator:
Jason Unovitch
Created:
2015-06-17 02:23:27 UTC
Size:
2.67 KB
patch
obsolete
>Index: vuln.xml >=================================================================== >--- vuln.xml (revision 389894) >+++ vuln.xml (working copy) >@@ -57,6 +57,64 @@ > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="cdff0af2-1492-11e5-a1cf-002590263bf5"> >+ <topic>php5 -- multiple vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>php5</name> >+ <range><lt>5.4.42</lt></range> >+ </package> >+ <package> >+ <name>php55</name> >+ <range><lt>5.5.26</lt></range> >+ </package> >+ <package> >+ <name>php56</name> >+ <range><lt>5.6.10</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The PHP project reports:</p> >+ <blockquote cite="http://php.net/archive/2015.php#id2015-06-11-4"> >+ <p>The PHP development team announces the immediate availability of >+ PHP 5.4.42. Six security-related issues in PHP were fixed in this >+ release, as well as several security issues in bundled sqlite >+ library (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416). All PHP 5.4 >+ users are encouraged to upgrade to this version.</p> >+ </blockquote> >+ <blockquote cite="http://php.net/archive/2015.php#id2015-06-11-1"> >+ <p>The PHP development team announces the immediate availability of >+ PHP 5.5.26. Several bugs have been fixed as well as several security >+ issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, >+ CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.5 users >+ are encouraged to upgrade to this version.</p> >+ </blockquote> >+ <blockquote cite="http://php.net/archive/2015.php#id2015-06-11-2"> >+ <p>The PHP development team announces the immediate availability of >+ PHP 5.6.10. Several bugs have been fixed as well as several security >+ issues into some bundled libraries (CVE-2015-3414, CVE-2015-3415, >+ CVE-2015-3416, CVE-2015-2325 and CVE-2015-2326). All PHP 5.6 users >+ are encouraged to upgrade to this version.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2015-2325</cvename> >+ <cvename>CVE-2015-2326</cvename> >+ <cvename>CVE-2015-3414</cvename> >+ <cvename>CVE-2015-3415</cvename> >+ <cvename>CVE-2015-3416</cvename> >+ <url>http://php.net/archive/2015.php#id2015-06-11-4</url> >+ <url>http://php.net/archive/2015.php#id2015-06-11-1</url> >+ <url>http://php.net/archive/2015.php#id2015-06-11-2</url> >+ </references> >+ <dates> >+ <discovery>2015-06-11</discovery> >+ <entry>2015-06-17</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="c67069dc-0986-11e5-bb90-002590263bf5"> > <topic>testdisk -- buffer overflow with malicious disk image</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=157819">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 200926
:
157819
|
157848
|
157875
|
157908