Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 18 Nov 2010 17:22:53 +0100
From: Pierre Joye <pierre.php@...il.com>
To: oss-security@...ts.openwall.com
Subject: NULL byte poisoning fix in php 5.3.4+

hi,

The problem describes here http://www.madirish.net/?article=436, in
http://bugs.php.net/39863 (and numerous other places) has been fixed
in PHP_5_3, targetting 5.3.4 (RC1 to be released today). It is a well
(old) known issue in PHP and I wonder if there is a CVE already for
it? If not I think having one could helpful. or?

Cheers,
-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ