[Secure-testing-commits] r29710 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Oct 28 22:07:03 UTC 2014
Author: carnil
Date: 2014-10-28 22:07:03 +0000 (Tue, 28 Oct 2014)
New Revision: 29710
Modified:
data/CVE/list
Log:
Add note for CVE-2014-5120, is fixed in php5 5.4.32 upstream
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-28 18:45:39 UTC (rev 29709)
+++ data/CVE/list 2014-10-28 22:07:03 UTC (rev 29710)
@@ -7617,6 +7617,7 @@
- libgd2 <not-affected> (Specific to integration of gd in PHP)
NOTE: https://bugs.php.net/bug.php?id=67730
NOTE: https://bugs.php.net/patch-display.php?bug_id=67730&patch=gd-null-injection&revision=latest
+ NOTE: For the PHP5 5.4 branch this issue is fixed in version 5.4.32
CVE-2014-5115 (Absolute path traversal vulnerability in DirPHP 1.0 allows remote ...)
NOT-FOR-US: DirPHP
CVE-2014-5114 (WeBid 1.1.1 allows remote attackers to conduct an LDAP injection ...)
More information about the Secure-testing-commits
mailing list