Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 9 Dec 2010 15:38:00 +0100
From: Pierre Joye <pierre.php@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: NULL byte poisoning fix in php 5.3.4+

On Thu, Dec 9, 2010 at 3:34 PM, Steven M. Christey
<coley@...us.mitre.org> wrote:
>
> On Thu, 9 Dec 2010, Pierre Joye wrote:
>
>> We are about to release 5.2.15 and 5.3.4, can anyone please get an id
>> for this issue?
>
> I just assigned CVE-2006-7243 to the http://bugs.php.net/39863 issue, i.e.
> NULL injection in file_exists() *only*.
>
> However, as already stated, the issue of NULL byte injection with PHP dates
> back to 1999 or so (ouch... I remember that).  If PHP is addressing NULL
> byte injection beyond just file_exists(), then that may need a separate CVE.

We fixed it for all file functions. See the link to the commit for
more details about which codes have been changed. Do we need a CVE for
every function? I hope not :)

Cheers,
-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ