[Secure-testing-commits] r27918 - in data: . CVE DLA
Thorsten Alteholz
alteholz at moszumanska.debian.org
Wed Jul 23 19:12:09 UTC 2014
Author: alteholz
Date: 2014-07-23 19:12:09 +0000 (Wed, 23 Jul 2014)
New Revision: 27918
Modified:
data/CVE/list
data/DLA/list
data/lts-needed.txt
Log:
php5 for LTS done
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-23 17:44:56 UTC (rev 27917)
+++ data/CVE/list 2014-07-23 19:12:09 UTC (rev 27918)
@@ -830,6 +830,7 @@
CVE-2014-4721 (The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 ...)
{DSA-2974-1}
- php5 5.6.0~rc1+dfsg-2 (low)
+ [squeeze] - php5 5.3.3-7+squeeze20
NOTE: https://bugs.php.net/bug.php?id=67498
NOTE: https://www.sektioneins.de/en/blog/14-07-04-phpinfo-infoleak.html
CVE-2014-4668 (The cherokee_validator_ldap_check function in validator_ldap.c in ...)
@@ -3459,6 +3460,7 @@
CVE-2014-3515 (The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 ...)
{DSA-2974-1}
- php5 5.6.0~rc2+dfsg-1
+ [squeeze] - php5 5.3.3-7+squeeze20
NOTE: https://bugs.php.net/bug.php?id=67492
CVE-2014-3514
RESERVED
@@ -3568,6 +3570,7 @@
- file 1:5.19-1
NOTE: https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382
- php5 5.6.0~rc1+dfsg-1
+ [squeeze] - php5 5.3.3-7+squeeze20
NOTE: http://bugs.php.net/bug.php?id=67412
CVE-2014-3479 (The cdf_check_stream_offset function in cdf.c in file before 5.19, as ...)
{DSA-2974-1}
@@ -12805,6 +12808,7 @@
- file 1:5.19-1
NOTE: fixed as part of https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391#diff-0
- php5 5.6.0~beta4+dfsg-1
+ [squeeze] - php5 5.3.3-7+squeeze20
NOTE: https://bugs.php.net/bug.php?id=67326
CVE-2014-0206 (Array index error in the aio_read_events_ring function in fs/aio.c in ...)
- linux 3.14.10-1
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2014-07-23 17:44:56 UTC (rev 27917)
+++ data/DLA/list 2014-07-23 19:12:09 UTC (rev 27918)
@@ -1,7 +1,7 @@
reserved DLA-0020-1 munin #679897 CVE-2013-6048 munin#1397 CVE-2012-3512
reserved DLA-0019-1 postgresql-8.4 - new upstream minor release
[squeeze] - postgresql-8.4 8.4.22-0squeeze1
-reserved DLA-0018-1 php5 - security update
+[23 Jul 2014] DLA-0018-1 php5 - security update
{CVE-2014-3515 CVE-2014-0207 CVE-2014-3480 CVE-2014-4721}
[squeeze] - php5 5.3.3-7+squeeze20
reserved DLA-0017-1 tor - new upstream version
Modified: data/lts-needed.txt
===================================================================
--- data/lts-needed.txt 2014-07-23 17:44:56 UTC (rev 27917)
+++ data/lts-needed.txt 2014-07-23 19:12:09 UTC (rev 27918)
@@ -66,9 +66,6 @@
--
openssl
--
-php5 (Thorsten Alteholz)
- just a reminder, only: CVE-2014-3515, CVE-2014-4721, CVE-2014-0207, CVE-2014-3480
---
polarssl
NOTE: will need additional fix for #738854
--
More information about the Secure-testing-commits
mailing list