[Secure-testing-commits] r25824 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Feb 21 07:24:26 UTC 2014
Author: carnil
Date: 2014-02-21 07:24:26 +0000 (Fri, 21 Feb 2014)
New Revision: 25824
Modified:
data/CVE/list
Log:
Add two more php5 CVEs fixed with 5.5.9
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-21 07:21:54 UTC (rev 25823)
+++ data/CVE/list 2014-02-21 07:24:26 UTC (rev 25824)
@@ -296,9 +296,13 @@
- jenkins <unfixed> (bug #739067)
NOTE: https://github.com/jenkinsci/jenkins/commit/36342d71e29e0620f803a7470ce96c61761648d8
CVE-2013-7328 (Multiple integer signedness errors in the gdImageCrop function in ...)
- TODO: check
+ - php5 5.5.9+dfsg-1
+ [wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
+ [squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
CVE-2013-7327 (The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does ...)
- TODO: check
+ - php5 5.5.9+dfsg-1
+ [wheezy] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
+ [squeeze] - php5 <not-affected> (Vulnerable code was introduced in 5.5.0)
CVE-2013-7326 (Cross-site scripting (XSS) vulnerability in vTiger CRM 5.4.0 allows ...)
TODO: check
CVE-2013-7324
More information about the Secure-testing-commits
mailing list