[Secure-testing-commits] r36325 - data/CVE
Sebastien Delafond
seb at moszumanska.debian.org
Wed Aug 26 19:15:59 UTC 2015
Author: seb
Date: 2015-08-26 19:15:59 +0000 (Wed, 26 Aug 2015)
New Revision: 36325
Modified:
data/CVE/list
Log:
Mention that CVE-2015-3152 could possibly be applied to php5 as well
because of mysqlnd
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-26 16:33:28 UTC (rev 36324)
+++ data/CVE/list 2015-08-26 19:15:59 UTC (rev 36325)
@@ -9169,6 +9169,8 @@
NOTE: http://www.ocert.org/advisories/ocert-2015-003.html
NOTE: http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/
NOTE: https://mariadb.atlassian.net/browse/MDEV-7937
+ NOTE: The question remains open whether this same CVE can used for PHP's mysqlnd
+ NOTE: (re-implementation of the MySQL client): https://marc.info/?l=oss-security&m=143750829604598
CVE-2015-3151 [abrt: directory traversals in several D-Bus methods implemented by abrt-dbus]
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
More information about the Secure-testing-commits
mailing list