FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
b6402385-533b-11e6-a7bd-14dae9d210b8	php -- multiple vulnerabilities PHP reports: Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns) Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()). Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access). Fixed bug #72519 (imagegif/output out-of-bounds access). Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener). Fixed bug #72533 (locale_accept_from_http out-of-bounds access). Fixed bug #72541 (size_t overflow lead to heap corruption). Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic). Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()). Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications). Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE). Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c). Fixed bug #72613 (Inadequate error handling in bzread()). Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment). Discovery 2016-07-21 Entry 2016-07-26 php55 lt 5.5.38 php56 lt 5.6.24 php70 lt 7.0.9 php70-curl lt 7.0.9 php55-bz2 lt 5.5.38 php56-bz2 lt 5.6.24 php70-bz2 lt 7.0.9 php55-exif lt 5.5.38 php56-exif lt 5.6.24 php70-exif lt 7.0.9 php55-gd lt 5.5.38 php56-gd lt 5.6.24 php70-gd lt 7.0.9 php70-mcrypt lt 7.0.9 php55-odbc lt 5.5.38 php56-odbc lt 5.6.24 php70-odbc lt 7.0.9 php55-snmp lt 5.5.38 php56-snmp lt 5.6.24 php70-snmp lt 7.0.9 php55-xmlrpc lt 5.5.38 php56-xmlrpc lt 5.6.24 php70-xmlrpc lt 7.0.9 php55-zip lt 5.5.38 php56-zip lt 5.6.24 php70-zip lt 7.0.9 http://www.php.net/ChangeLog-5.php#5.5.38 http://www.php.net/ChangeLog-5.php#5.6.24 http://www.php.net/ChangeLog-7.php#7.0.8 http://seclists.org/oss-sec/2016/q3/121 CVE-2015-8879 CVE-2016-5385 CVE-2016-5399 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297

VuXML ID

Description

b6402385-533b-11e6-a7bd-14dae9d210b8

php -- multiple vulnerabilities

PHP reports:

Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)

Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()).

Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access).

Fixed bug #72519 (imagegif/output out-of-bounds access).

Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener).

Fixed bug #72533 (locale_accept_from_http out-of-bounds access).

Fixed bug #72541 (size_t overflow lead to heap corruption).

Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic).

Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).

Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications).

Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).

Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).

Fixed bug #72613 (Inadequate error handling in bzread()).

Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).

Discovery 2016-07-21
Entry 2016-07-26
php55

lt 5.5.38

php56

lt 5.6.24

php70

lt 7.0.9

php70-curl

lt 7.0.9

php55-bz2

lt 5.5.38

php56-bz2

lt 5.6.24

php70-bz2

lt 7.0.9

php55-exif

lt 5.5.38

php56-exif

lt 5.6.24

php70-exif

lt 7.0.9

php55-gd

lt 5.5.38

php56-gd

lt 5.6.24

php70-gd

lt 7.0.9

php70-mcrypt

lt 7.0.9

php55-odbc

lt 5.5.38

php56-odbc

lt 5.6.24

php70-odbc

lt 7.0.9

php55-snmp

lt 5.5.38

php56-snmp

lt 5.6.24

php70-snmp

lt 7.0.9

php55-xmlrpc

lt 5.5.38

php56-xmlrpc

lt 5.6.24

php70-xmlrpc

lt 7.0.9

php55-zip

lt 5.5.38

php56-zip

lt 5.6.24

php70-zip

lt 7.0.9

http://www.php.net/ChangeLog-5.php#5.5.38
http://www.php.net/ChangeLog-5.php#5.6.24
http://www.php.net/ChangeLog-7.php#7.0.8
http://seclists.org/oss-sec/2016/q3/121
CVE-2015-8879
CVE-2016-5385
CVE-2016-5399
CVE-2016-6288
CVE-2016-6289
CVE-2016-6290
CVE-2016-6291
CVE-2016-6292
CVE-2016-6294
CVE-2016-6295
CVE-2016-6296
CVE-2016-6297