Source: php5 Severity: grave Tags: security upstream Hi
A heap-based buffer overflow was commited in [1], Red Hat Bugzilla reference at [2]. [1] https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1108447 A CVE assignment is pending. Could you also mark affected versions for the BTS? From a quick(!) look it seems that all versions have the vulnerable code present. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
