TEMP-0000000-FE3BD0

NameTEMP-0000000-FE3BD0
DescriptionSession WDDX Packet Deserialization Type Confusion Vulnerability
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
php5 (PTS)jessie5.6.33+dfsg-0+deb8u1fixed
jessie (security)5.6.36+dfsg-0+deb8u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
php5source(unstable)5.6.17+dfsg-1
php5sourcejessie5.6.17+dfsg-0+deb8u1
php5sourcewheezy5.4.45-0+deb7u4

Notes

Workaround entry for DLA-533-1 until CVE is assigned
https://git.php.net/?p=php-src.git;a=commit;h=1785d2b805f64eaaacf98c14c9e13107bf085ab1
https://bugs.php.net/bug.php?id=70741
CVE Request: http://www.openwall.com/lists/oss-security/2016/02/03/3

Search for package or bug name: Reporting problems