FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-11-25 08:52:18 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|
| 787ef75e-44da-11e5-93ad-002590263bf5 | php5 -- multiple vulnerabilities
The PHP project reports:
Core:
- Fixed bug #69793 (Remotely triggerable stack exhaustion via
recursive method calls).
- Fixed bug #70121 (unserialize() could lead to unexpected methods
execution / NULL pointer deref).
OpenSSL:
- Fixed bug #70014 (openssl_random_pseudo_bytes() is not
cryptographically secure).
Phar:
- Improved fix for bug #69441.
- Fixed bug #70019 (Files extracted from archive may be placed
outside of destination directory).
SOAP:
- Fixed bug #70081 (SoapClient info leak / null pointer
dereference via multiple type confusions).
SPL:
- Fixed bug #70068 (Dangling pointer in the unserialization of
ArrayObject items).
- Fixed bug #70166 (Use After Free Vulnerability in unserialize()
with SPLArrayObject).
- Fixed bug #70168 (Use After Free Vulnerability in unserialize()
with SplObjectStorage).
- Fixed bug #70169 (Use After Free Vulnerability in unserialize()
with SplDoublyLinkedList).
Discovery 2015-08-06
Entry 2015-08-17
Modified 2015-09-08
php5
php5-openssl
php5-phar
php5-soap
< 5.4.44
php55
php55-openssl
php55-phar
php55-soap
< 5.5.28
php56
php56-openssl
php56-phar
php56-soap
< 5.6.12
http://php.net/ChangeLog-5.php#5.4.44
http://php.net/ChangeLog-5.php#5.5.28
http://php.net/ChangeLog-5.php#5.6.12
CVE-2015-6831
CVE-2015-6832
CVE-2015-6833
|