FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 19:33:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6b771fe2-b84e-11e5-92f9-485d605f4717php -- multiple vulnerabilities

PHP reports:

  • Core:
    • Fixed bug #70755 (fpm_log.c memory leak and buffer overflow).
  • GD:
    • Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds).
  • SOAP:
    • Fixed bug #70900 (SoapClient systematic out of memory error).
  • Wddx
    • Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
    • Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability).
  • XMLRPC:
    • Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).

Discovery 2016-01-07
Entry 2016-01-11
php55
php55-gd
php55-wddx
php55-xmlrpc
< 5.5.31

php56
php56-gd
php56-soap
php56-wddx
php56-xmlrpc
< 5.6.17

http://www.php.net/ChangeLog-5.php#5.5.31
http://www.php.net/ChangeLog-5.php#5.6.17
b6402385-533b-11e6-a7bd-14dae9d210b8php -- multiple vulnerabilities

PHP reports:

  • Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)

  • Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()).

  • Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access).

  • Fixed bug #72519 (imagegif/output out-of-bounds access).

  • Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener).

  • Fixed bug #72533 (locale_accept_from_http out-of-bounds access).

  • Fixed bug #72541 (size_t overflow lead to heap corruption).

  • Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic).

  • Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).

  • Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications).

  • Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).

  • Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).

  • Fixed bug #72613 (Inadequate error handling in bzread()).

  • Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).


Discovery 2016-07-21
Entry 2016-07-26
php55
< 5.5.38

php56
< 5.6.24

php70
< 7.0.9

php70-curl
< 7.0.9

php55-bz2
< 5.5.38

php56-bz2
< 5.6.24

php70-bz2
< 7.0.9

php55-exif
< 5.5.38

php56-exif
< 5.6.24

php70-exif
< 7.0.9

php55-gd
< 5.5.38

php56-gd
< 5.6.24

php70-gd
< 7.0.9

php70-mcrypt
< 7.0.9

php55-odbc
< 5.5.38

php56-odbc
< 5.6.24

php70-odbc
< 7.0.9

php55-snmp
< 5.5.38

php56-snmp
< 5.6.24

php70-snmp
< 7.0.9

php55-xmlrpc
< 5.5.38

php56-xmlrpc
< 5.6.24

php70-xmlrpc
< 7.0.9

php55-zip
< 5.5.38

php56-zip
< 5.6.24

php70-zip
< 7.0.9

http://www.php.net/ChangeLog-5.php#5.5.38
http://www.php.net/ChangeLog-5.php#5.6.24
http://www.php.net/ChangeLog-7.php#7.0.8
http://seclists.org/oss-sec/2016/q3/121
CVE-2015-8879
CVE-2016-5385
CVE-2016-5399
CVE-2016-6288
CVE-2016-6289
CVE-2016-6290
CVE-2016-6291
CVE-2016-6292
CVE-2016-6294
CVE-2016-6295
CVE-2016-6296
CVE-2016-6297