FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

php -- multiple vulnerabilities

Affected packages
	php5-phar	<=	5.4.45
	php55-phar	<	5.5.30
	php56-phar	<	5.6.14

Details

VuXML ID	c1da8b75-6aef-11e5-9909-002590263bf5
Discovery	2015-10-01
Entry	2015-10-04
Modified	2015-10-12

PHP reports:

Phar:

Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()).

Fixed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip entry filename is "/").

[source]

References

CVE Name	CVE-2015-7803
CVE Name	CVE-2015-7804
FreeBSD PR	ports/203541
URL	http://php.net/ChangeLog-5.php#5.5.30
URL	http://php.net/ChangeLog-5.php#5.6.14