[Secure-testing-commits] r31059 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 31 08:40:44 UTC 2014
Author: carnil
Date: 2014-12-31 08:40:44 +0000 (Wed, 31 Dec 2014)
New Revision: 31059
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2014-{8116,8117} in php5
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-31 07:11:37 UTC (rev 31058)
+++ data/CVE/list 2014-12-31 08:40:44 UTC (rev 31059)
@@ -4528,13 +4528,13 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1168715
CVE-2014-8117 (softmagic.c in file before 5.21 does not properly limit recursion, ...)
- file 1:5.21+15-1 (low; bug #773148)
- - php5 <unfixed>
+ - php5 5.6.4+dfsg-2
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
NOTE: https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c
NOTE: Other commits needed as well: http://www.openwall.com/lists/oss-security/2014/12/16/2
CVE-2014-8116 (The ELF parser (readelf.c) in file before 5.21 allows remote attackers ...)
- file 1:5.21+15-1 (low; bug #773148)
- - php5 <unfixed>
+ - php5 5.6.4+dfsg-2
NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
NOTE: https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b
NOTE: https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6
More information about the Secure-testing-commits
mailing list