[Secure-testing-commits] r28364 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Aug 19 16:00:55 UTC 2014


Author: carnil
Date: 2014-08-19 16:00:53 +0000 (Tue, 19 Aug 2014)
New Revision: 28364

Modified:
   data/CVE/list
Log:
Add cross references for php bugs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-19 15:55:19 UTC (rev 28363)
+++ data/CVE/list	2014-08-19 16:00:53 UTC (rev 28364)
@@ -1613,6 +1613,7 @@
 CVE-2014-4670 (Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL ...)
 	- php5 <unfixed> (unimportant)
 	NOTE: exploitable by malicious scripts only
+	NOTE: https://bugs.php.net/bug.php?id=67538
 CVE-2014-4669 (HP Enterprise Maps 1.00 allows remote authenticated users to read ...)
 	NOT-FOR-US: HP Enterprise Maps
 CVE-2014-4666
@@ -4061,6 +4062,7 @@
 CVE-2014-3597 [segfault in dns_get_record]
 	- php5 <unfixed>
 	NOTE: patch: https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05#diff-d41d8cd98f00b204e9800998ecf8427e
+	NOTE: https://bugs.php.net/bug.php?id=67717
 	NOTE: incomplete fix for CVE-2014-4049
 	RESERVED
 CVE-2014-3596 [Incomplete fix for CVE-2012-5784]
@@ -4092,6 +4094,7 @@
 CVE-2014-3587
 	RESERVED
 	- php5 <unfixed>
+	NOTE: NOTE: https://bugs.php.net/bug.php?id=67716
 	NOTE: https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947
 	- file <unfixed>
 CVE-2014-3586




More information about the Secure-testing-commits mailing list