/[smeserver]/rpms/php/sme8/php-5.3.3-CVE-2014-3515.patch
ViewVC logotype

Log of /rpms/php/sme8/php-5.3.3-CVE-2014-3515.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Links to HEAD: (view) (download) (annotate)
Links to HEAD: (view) (download) (annotate)
Sticky Tag:

Revision 1.1 - (view) (download) (annotate) - [select for diffs]
Thu Aug 7 07:05:52 2014 UTC (10 years, 3 months ago) by vip-ire
Branch: MAIN
CVS Tags: HEAD, php-5_3_3-15_el5_sme, php-5_3_3-16_el5_sme, php-5_3_3-17_el5_sme
* Thu Aug 7 2014 Daniel Berteaud <daniel@firewall-services.com> - 5.3.3-15.sme
- Resync with upstream php53, which include (see [SME: 8515])
- core: type confusion issue in phpinfo(). CVE-2014-4721
- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712
- core: fix heap-based buffer overflow in DNS TXT record parsing.
  CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage type
  confusion flaw. CVE-2014-3515
- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270
- fileinfo: unrestricted recursion in handling of indirect type
  rules. CVE-2014-1943
- fileinfo: out of bounds read in CDF parser. CVE-2012-1571
- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480
- fileinfo: cdf_unpack_summary_info() excessive looping
  DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite
  loop. CVE-2014-0238


This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, select a symbolic revision name using the selection box, or choose 'Use Text Field' and enter a numeric revision.

  Diffs between and
  Type of Diff should be a

Sort log by:

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed