[Secure-testing-commits] r27918 - in data: . CVE DLA

Thorsten Alteholz alteholz at moszumanska.debian.org
Wed Jul 23 19:12:09 UTC 2014 

Author: alteholz
Date: 2014-07-23 19:12:09 +0000 (Wed, 23 Jul 2014)
New Revision: 27918

Modified:
   data/CVE/list
   data/DLA/list
   data/lts-needed.txt
Log:
php5 for LTS done

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-07-23 17:44:56 UTC (rev 27917)
+++ data/CVE/list	2014-07-23 19:12:09 UTC (rev 27918)
@@ -830,6 +830,7 @@
 CVE-2014-4721 (The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 ...)
 	{DSA-2974-1}
 	- php5 5.6.0~rc1+dfsg-2 (low)
+        [squeeze] - php5 5.3.3-7+squeeze20
 	NOTE: https://bugs.php.net/bug.php?id=67498
 	NOTE: https://www.sektioneins.de/en/blog/14-07-04-phpinfo-infoleak.html
 CVE-2014-4668 (The cherokee_validator_ldap_check function in validator_ldap.c in ...)
@@ -3459,6 +3460,7 @@
 CVE-2014-3515 (The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 ...)
 	{DSA-2974-1}
 	- php5 5.6.0~rc2+dfsg-1
+        [squeeze] - php5 5.3.3-7+squeeze20
 	NOTE: https://bugs.php.net/bug.php?id=67492
 CVE-2014-3514
 	RESERVED
@@ -3568,6 +3570,7 @@
 	- file 1:5.19-1
 	NOTE: https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
 	- php5 5.6.0~rc1+dfsg-1
+        [squeeze] - php5 5.3.3-7+squeeze20
 	NOTE: http://bugs.php.net/bug.php?id=67412
 CVE-2014-3479 (The cdf_check_stream_offset function in cdf.c in file before 5.19, as ...)
 	{DSA-2974-1}
@@ -12805,6 +12808,7 @@
 	- file 1:5.19-1
 	NOTE: fixed as part of https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391#diff-0
 	- php5 5.6.0~beta4+dfsg-1
+        [squeeze] - php5 5.3.3-7+squeeze20
 	NOTE: https://bugs.php.net/bug.php?id=67326 
 CVE-2014-0206 (Array index error in the aio_read_events_ring function in fs/aio.c in ...)
 	- linux 3.14.10-1

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2014-07-23 17:44:56 UTC (rev 27917)
+++ data/DLA/list	2014-07-23 19:12:09 UTC (rev 27918)
@@ -1,7 +1,7 @@
 reserved DLA-0020-1 munin #679897 CVE-2013-6048 munin#1397 CVE-2012-3512 
 reserved DLA-0019-1 postgresql-8.4 - new upstream minor release
 	[squeeze] - postgresql-8.4 8.4.22-0squeeze1
-reserved DLA-0018-1 php5 - security update
+[23 Jul 2014] DLA-0018-1 php5 - security update
 	{CVE-2014-3515 CVE-2014-0207 CVE-2014-3480 CVE-2014-4721}
 	[squeeze] - php5 5.3.3-7+squeeze20
 reserved DLA-0017-1 tor - new upstream version

Modified: data/lts-needed.txt
===================================================================
--- data/lts-needed.txt	2014-07-23 17:44:56 UTC (rev 27917)
+++ data/lts-needed.txt	2014-07-23 19:12:09 UTC (rev 27918)
@@ -66,9 +66,6 @@
 --
 openssl
 --
-php5 (Thorsten Alteholz)
- just a reminder, only: CVE-2014-3515, CVE-2014-4721, CVE-2014-0207, CVE-2014-3480
---
 polarssl
   NOTE: will need additional fix for #738854
 --

More information about the Secure-testing-commits mailing list