[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Re: CVE request, php var_export
From: Pierre Joye <pierre.php () gmail ! com>
Date: 2010-07-16 15:13:38
Message-ID: AANLkTinDGbKrJILvp_CQeXi78uc_3_g0ih6GBykiuBFu () mail ! gmail ! com
[Download RAW message or body]
hi,
Thanks and no problem, we are in time for the next release :)
Cheers,
On Fri, Jul 16, 2010 at 5:10 PM, Josh Bressers <bressers@redhat.com> wrote:
> Please use CVE-2010-2531
>
> Sorry for the delay.
>
> --
> JB
>
>
> ----- "Pierre Joye" <pierre.php@gmail.com> wrote:
>
>> hi,
>>
>> Has anyone got the time to look at this request? I would like to have
>> an ID for the last RC before we release final next week (packaging
>> RCs
>> tonight).
>>
>> On Tue, Jul 13, 2010 at 9:00 PM, Pierre Joye <pierre.php@gmail.com>
>> wrote:
>> > hi,
>> >
>> > I would like to request a new # for a flaw in php's var_export. The
>> > reason is that a fatal error occurs due to recursion, memory limit
>> or
>> > execution time var_export bails out. The buffer is never cleared
>> and
>> > it flushes to the user. It's not affected by display_errors() since
>> > its considered part of the output.
>> >
>> > Fix already commited to trunk, 5.2 and 5.3 and will be in the next
>> PHP
>> > releases (5.2.14 and 5.3.3):
>> >
>> > http://svn.php.net/viewvc?view=revision&revision=301143
>> >
>> > Cheers,
>> > --
>> > Pierre
>> >
>> > @pierrejoye | http://blog.thepimp.net | http://www.libgd.org
>> >
>>
>>
>>
>> --
>> Pierre
>>
>> @pierrejoye | http://blog.thepimp.net | http://www.libgd.org
>
--
Pierre
@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic