[Secure-testing-commits] r29147 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Mon Sep 29 21:14:14 UTC 2014
Author: joeyh
Date: 2014-09-29 21:14:13 +0000 (Mon, 29 Sep 2014)
New Revision: 29147
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-29 20:10:48 UTC (rev 29146)
+++ data/CVE/list 2014-09-29 21:14:13 UTC (rev 29147)
@@ -8310,7 +8310,7 @@
- pillow 2.5.3-1
- python-imaging <not-affected> (Vulnerable code not present)
CVE-2014-3597 (Multiple buffer overflows in the php_parserr function in ...)
- {DSA-3008-1}
+ {DSA-3008-1 DLA-67-1}
- php5 5.6.0+dfsg-1
NOTE: patch: https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05#diff-d41d8cd98f00b204e9800998ecf8427e
NOTE: https://bugs.php.net/bug.php?id=67717
@@ -8343,7 +8343,7 @@
CVE-2014-3588
RESERVED
CVE-2014-3587 (Integer overflow in the cdf_read_property_info function in cdf.c in ...)
- {DSA-3021-1 DSA-3008-1 DLA-50-1}
+ {DSA-3021-1 DSA-3008-1 DLA-67-1 DLA-50-1}
- php5 5.6.0+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=67716
NOTE: https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947
@@ -8493,7 +8493,7 @@
CVE-2014-3539
RESERVED
CVE-2014-3538 (file before 5.19 does not properly restrict the amount of data read ...)
- {DSA-3021-1 DSA-3008-1 DLA-50-1}
+ {DSA-3021-1 DSA-3008-1 DLA-67-1 DLA-50-1}
- file 1:5.19-1
NOTE: fix relies on the new feature that introduced regex/<length> syntax, might be too intrusive for backporting.
- php5 5.6.0~rc4+dfsg-1
More information about the Secure-testing-commits
mailing list