[php-maint] Bug#731895: Bug#731895: php5: CVE-2013-6420: memory corruption in openssl_x509_parse()
kaplan at debian.org
Wed Dec 11 22:34:05 UTC 2013
As PHP.net has released the fix also for 5.3 and 5.4 branches, I assume
it's relevant for the both squeeze and wheezy. The problematic code was
there for a long time.
On Wed, Dec 11, 2013 at 8:41 AM, Salvatore Bonaccorso <carnil at debian.org>wrote:
> Package: php5
> Severity: grave
> Tags: security upstream patch
> the following vulnerability was published for php5.
> php: memory corruption in openssl_x509_parse()
> The upstream commit is found at .
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> For further information see:
>  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
> Please adjust the affected versions in the BTS as needed; could you
> check if squeeze and wheezy are affected as well?
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the pkg-php-maint