[Secure-testing-commits] r36157 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Aug 19 11:39:24 UTC 2015
Author: carnil
Date: 2015-08-19 11:39:24 +0000 (Wed, 19 Aug 2015)
New Revision: 36157
Modified:
data/CVE/list
Log:
Add temporary item for requested php5 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-19 11:16:09 UTC (rev 36156)
+++ data/CVE/list 2015-08-19 11:39:24 UTC (rev 36157)
@@ -1,3 +1,29 @@
+CVE-2015-XXXX [Files extracted from archive may be placed outside of destination directory]
+ - php5 5.6.12+dfsg-1
+ NOTE: https://bugs.php.net/bug.php?id=70019
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/19/3
+ NOTE: Fixed upstream in 5.4.44 and 5.6.12
+CVE-2015-XXXX [Use After Free Vulnerability in unserialize() with SplDoublyLinkedList]
+ - php5 5.6.12+dfsg-1
+ NOTE: https://bugs.php.net/bug.php?id=70169
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/19/3
+ NOTE: Fixed upstream in 5.4.44 and 5.6.12
+CVE-2015-XXXX [Use After Free Vulnerability in unserialize() with SplObjectStorage]
+ - php5 5.6.12+dfsg-1
+ NOTE: https://bugs.php.net/bug.php?id=70168
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/19/3
+ NOTE: Fixed upstream in 5.4.44 and 5.6.12
+CVE-2015-XXXX [Use After Free Vulnerability in unserialize() with SPLArrayObject]
+ - php5 5.6.12+dfsg-1
+ NOTE: https://bugs.php.net/bug.php?id=70166
+ NOTE: https://bugs.php.net/bug.php?id=70155
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/19/3
+ NOTE: Fixed upstream in 5.4.44 and 5.6.12
+CVE-2015-XXXX [Dangling pointer in the unserialization of ArrayObject items]
+ - php5 5.6.12+dfsg-1
+ NOTE: https://bugs.php.net/bug.php?id=70068
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/19/3
+ NOTE: Fixed upstream in 5.4.44 and 5.6.12
CVE-2015-6505
RESERVED
CVE-2015-6504
More information about the Secure-testing-commits
mailing list