Add CVE for bugs in 5.5.25

2024-09-22 02:17:32 +00:00 · 2015-05-22 10:58:28 +03:00 · 2015-05-22 10:58:28 +03:00 · c9ac441fe8
commit c9ac441fe8
parent a7de68f98a
1 changed files with 9 additions and 6 deletions
--- a/15
+++ b/15
@ -30,10 +30,12 @@ PHP                                                                        NEWS
 14 May 2015, PHP 5.5.25

 - Core:
-  . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
+  . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability).
+    (CVE-2015-4024) (Stas)
  . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). 
    (Stas)
-  . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
+  . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (CVE-2015-4025)
+    (Stas)
  . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)
  . Fixed bug #69467 (Wrong checked for the interface by using Trait). 
    (Laruence)
@ -50,7 +52,7 @@ PHP                                                                        NEWS

 - FTP:
  . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap
-    overflow). (Stas)
+    overflow). (CVE-2015-4022) (Stas)

 - ODBC:
  . Fixed bug #69474 (ODBC: Query with same field name from two tables returns
@ -63,11 +65,12 @@ PHP                                                                        NEWS
    (Daniel Lowrey)

 - PCNTL:
-  . Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)
+  . Fixed bug #68598 (pcntl_exec() should not allow null char). (CVE-2015-4026)
+    (Stas)

 - Phar:
-  . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename
-    starts with null). (Stas)
+  . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry
+    filename starts with null). (CVE-2015-4021) (Stas)

 16 Apr 2015, PHP 5.5.24