Fedora 25 : php (2016-dc5bf39fcf)

15 Sep 2016 PHP version 7.0.11 Core: - Fixed bug php72944 NULL pointer deref in zvaldelrefp. Dmitry - Fixed bug php72943 assigndim on string doesn't reset hval. Laruence - Fixed bug php72911 Memleak in zendbinaryassignopobjhelper. Laruence - Fixed bug php72813 Segfault with get returned by ref...

Amazon Linux: Security Advisory (ALAS-2016-753)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Integer overflow

Integer overflow in the gdImageWebpCtx function in gdwebp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted imagewebp and...

CVE-2016-7568

Integer overflow in the gdImageWebpCtx function in gdwebp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted imagewebp and...

CVE-2016-7568

Integer overflow in the gdImageWebpCtx function in gdwebp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted imagewebp and...

CVE-2016-7568

Integer overflow in the gdImageWebpCtx function in gdwebp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted imagewebp and...

Internet Bug Bounty: imap_rfc822_parse_headers GS Violation

Upstream issue ---- https://bugs.php.net/bug.php?id=72968 Description ----- Exception when processing a long header string causes GS violation on Windows platform. 0:000:x86 r;!exploitable -v eax=00000001 ebx=08a13020 ecx=00000007 edx=00000000 esi=00000003 edi=08a6116c eip=5221468b esp=0712e408...

Internet Bug Bounty: SEH buffer overflow msgfmt_format_message

Upstream bug --------------- https://bugs.php.net/bug.php?id=73007 Fixed in PHP 7.0.11 and PHP 5.6.26 --------------- http://php.net/ChangeLog-5.php5.6.26 http://php.net/ChangeLog-7.php7.0.11 Patch ------- http://git.php.net/?p=php-src.git;a=commit;h=20fa323d53257a776bd7551ce7bdb2261cfe5420...

UBUNTU-CVE-2016-7412

ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted field metadata...