oss-sec mailing list archives
Re: About PHP and CVE-2015-1353 - please REJECT
From: Remi Collet <remi () fedoraproject org>
Date: Mon, 11 May 2015 10:31:28 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Can you please reject this CVE. Thanks, Remi. Le 05/05/2015 10:07, Remi Collet a écrit :
Hi, Can someone explain how this can be a security issue, and why scored as "high" risk ? On bad input, the call will produce a bad output. I don't see any way to exploit this for any bad thing. I really think we should reject this CVE. Upstream doesn't even consider this as a bug. Remi. P.S. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1353
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlVQaOAACgkQYUppBSnxahhDBACfS+avTYdrTvAy7pUrhZFTmDxw OMgAnA860MMJK7j24lWmK9bqkfn/2Q6a =l2P8 -----END PGP SIGNATURE-----
Current thread:
- About PHP and CVE-2015-1353 Remi Collet (May 05)
- Re: About PHP and CVE-2015-1353 - please REJECT Remi Collet (May 11)
- Re: About PHP and CVE-2015-1353 cve-assign (May 18)