Hi,
2012/6/12 Jason Hellenthal :
[...]
>
> Timeline:
> -
> * 2012 Feb - Discovered in 5.3.8, verified for 5.3.0/5.3.10 and 5.4.0
> * 2012 March - Responsible Disclosure via SSD/BeyondSecurity
> * 2012 April - Patch available 2012-04-19
> * 2012 May/June - No trace of bugfix in svn for 5.
FYI
I verified this on a working system.
- Forwarded message from 0x721427D8 0x721427D8 <0x72142...@gmail.com> -
Date: Sun, 10 Jun 2012 15:02:43 +0200
From: 0x721427D8 0x721427D8 <0x72142...@gmail.com>
To: bugt...@securityfocus.com
Subject: [php<=5.4.3] Parsing Bug in PHP PDO prepared s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-12:03.bind Security Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-12:04.sysret Security Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-12:04.sysret Security Advisory
The FreeBSD Project
Topic: P
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-12:03.bind Security Advisory
The FreeBSD Project
Topic: I
The attached patch backports support for sha256 and sha512 hashes to
stable/7. It is not an exact MFH because the sha code in head uses
stpncpy(), which is not present in stable/7's libc.
DES
--
Dag-Erling Smørgrav - d...@des.no
Index: lib/libcrypt
==
The attached patch backports support for sha256 and sha512 hashes to
stable/7. It is not an exact MFH because the sha code in head uses
stpncpy(), which is not present in stable/7's libc.
DES
--
Dag-Erling Smørgrav - d...@des.no
Index: lib/libcrypt
==
