[Secure-testing-commits] r29597 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Oct 23 07:44:16 UTC 2014


Author: carnil
Date: 2014-10-23 07:44:16 +0000 (Thu, 23 Oct 2014)
New Revision: 29597

Modified:
   data/CVE/list
Log:
Add CVE-2014-3710/{file,php5}, from (and concludes) external check

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-23 07:41:44 UTC (rev 29596)
+++ data/CVE/list	2014-10-23 07:44:16 UTC (rev 29597)
@@ -10572,8 +10572,12 @@
 	RESERVED
 	- kfreebsd-9 <removed> (bug #766275)
 	- kfreebsd-10 <unfixed> (bug #766278)
-CVE-2014-3710
+CVE-2014-3710 [out-of-bounds read in elf note headers]
 	RESERVED
+	- file <unfixed>
+	NOTE: Upstream fix: https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
+	- php5 <unfixed>
+	NOTE: https://bugs.php.net/bug.php?id=68283
 CVE-2014-3709
 	RESERVED
 	NOT-FOR-US: JBoss KeyCloak




More information about the Secure-testing-commits mailing list