[Secure-testing-commits] r30021 - data/CVE
Yves-Alexis Perez
corsac at moszumanska.debian.org
Thu Nov 13 09:36:04 UTC 2014
Author: corsac
Date: 2014-11-13 09:36:04 +0000 (Thu, 13 Nov 2014)
New Revision: 30021
Modified:
data/CVE/list
Log:
actually mark it as fixed by the DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-13 09:08:22 UTC (rev 30020)
+++ data/CVE/list 2014-11-13 09:36:04 UTC (rev 30021)
@@ -16017,13 +16017,12 @@
[squeeze] - php5 <no-dsa> (Minor issue, can be fixed along with a future DSA)
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=a33759fd275b32ed0bbe89796fe2953b3cb0b41f
CVE-2013-7345 (The BEGIN regular expression in the awk script detector in ...)
- {DSA-2873-1}
+ {DSA-2873-1 DSA-3064-1}
- file 1:5.17-0.1 (bug #703993)
NOTE: http://bugs.gw.com/view.php?id=164
NOTE: fixed in commit ef2329cf71acb59204dd981e2c6cce6c81fe467c
- php5 5.6.0+dfsg-1
[squeeze] - php5 <not-affected>
- [wheezy] - 5.4.34-0+deb7u1
NOTE: Wheezy's php5 is vulnerable in 5.4.4-14+deb7u14. Verified by rebuilding
NOTE: magic.mgc out of ext/fileinfo/data_info.c and "strings magic.mgc |grep BEGIN"
NOTE: returns "^\s*BEGIN\s*[{]". Same test in squeeze does not
More information about the Secure-testing-commits
mailing list