FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  517534
Date:      2019-11-13
Time:      23:45:36Z
Committer: sunpoet

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2d56308b-c0a8-11e6-a9a5-b499baebfeafPHP -- Multiple vulnerabilities

The PHP project reports:

This is a security release. Several security bugs were fixed in this release.


Discovery 2016-12-12
Entry 2016-12-12
php56
lt 5.6.29

php70
lt 7.0.14

http://php.net/archive/2016.php#id2016-12-08-1
http://php.net/archive/2016.php#id2016-12-08-2
8d5180a6-86fe-11e6-8d93-00248c0c745dPHP -- multiple vulnerabilities

PHP reports:

  • Fixed bug #73007 (add locale length check)

  • Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields)

  • Fixed bug #72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile)

  • Fixed bug #73029 (Missing type check when unserializing SplArray)

  • Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction)

  • Fixed bug #72860 (wddx_deserialize use-after-free)

  • Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element)


Discovery 2016-09-16
Entry 2016-09-30
php56
lt 5.6.26

http://php.net/ChangeLog-5.php#5.6.26
CVE-2016-7416
CVE-2016-7412
CVE-2016-7414
CVE-2016-7417
CVE-2016-7411
CVE-2016-7413
CVE-2016-7418
de7a2b32-bd7d-11e7-b627-d43d7e971a1bPHP -- denial of service attack

The PHP project reports:

The PHP development team announces the immediate availability of PHP 5.6.32. This is a security release. Several security bugs were fixed in this release. All PHP 5.6 users are encouraged to upgrade to this version.

The PHP development team announces the immediate availability of PHP 7.0.25. This is a security release. Several security bugs were fixed in this release. All PHP 7.0 users are encouraged to upgrade to this version.

The PHP development team announces the immediate availability of PHP 7.1.11. This is a bugfix release, with several bug fixes included. All PHP 7.1 users are encouraged to upgrade to this version.


Discovery 2017-10-26
Entry 2017-10-30
Modified 2017-11-14
php56
lt 5.6.32

php70
lt 7.0.25

php71
lt 7.1.11

http://php.net/archive/2017.php#id2017-10-26-3
http://php.net/archive/2017.php#id2017-10-26-1
http://php.net/archive/2017.php#id2017-10-27-1
CVE-2016-1283
709e025a-de8b-11e6-a9a5-b499baebfeafPHP -- undisclosed vulnerabilities

The PHP project reports:

The PHP development team announces the immediate availability of PHP 7.0.15. This is a security release. Several security bugs were fixed in this release.

The PHP development team announces the immediate availability of PHP 5.6.30. This is a security release. Several security bugs were fixed in this release.


Discovery 2017-01-19
Entry 2017-01-19
Modified 2017-01-20
php56
lt 5.6.30

php70
lt 7.0.15

http://php.net/archive/2017.php#id2017-01-19-2
http://php.net/archive/2017.php#id2017-01-19-3