Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <54A157E5.3050901@internot.info>
Date: Tue, 30 Dec 2014 00:32:21 +1100
From: Joshua Rogers <oss@...ernot.info>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: CVE Request: Double Free in PHP

Hi,

I found a double-free in PHP: https://bugs.php.net/bug.php?id=68676

And it has been patched in the following commits:

http://git.php.net/?p=php-src.git;a=commit;h=2bcf69d073190e4f032d883f3416dea1b027a39e
http://git.php.net/?p=php-src.git;a=commit;h=24125f0f26f3787c006e4a51611ba33ee3b841cb
http://git.php.net/?p=php-src.git;a=commit;h=fbf3a6bc1abcc8a5b5226b0ad9464c37f11ddbd6

It has existed since 2002.


Could I get a CVE-ID for this?

Thanks,
-- 
-- Joshua Rogers <https://internot.info/>


Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.