#8302 closed enhancement (fixed)
php-7.0.11 (CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7415 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418)
| Reported by: | Owned by: | Douglas R. Reno | |
|---|---|---|---|
| Priority: | highest | Milestone: | 8.0 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (4)
comment:1 by , 8 years ago
| Owner: | changed from to |
|---|---|
| Priority: | normal → highest |
| Status: | new → assigned |
comment:2 by , 8 years ago
| Summary: | php-7.0.11 → php-7.0.11 (CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7415 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418) |
|---|
Updated title with CVE numbers.
CVE-2016-7412: Heap overflow in mysqlnd related to BIT fields CVE-2016-7413: wddx_deserialize use-after-free CVE-2016-7414: Out of bounds r/w when verifying signature of zip phar in phar_parse_zipfile CVE-2016-7415: ICU: add locale length check CVE-2016-7416: PHP/ICU: add locale length check CVE-2016-7417: Missing type check when unserializing SplArray CVE-2016-7418: Out-Of-Bounds read in php_wddx_push_element
I'll give links tomorrow.
Note:
See TracTickets
for help on using tickets.
This is a huge security release.
If I could get access to Openwall here at Lewis University, I'd give a CVE list. I know it ranges between 15-20 for this version.