[Secure-testing-commits] r31966 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Feb 4 20:03:00 UTC 2015
Author: carnil
Date: 2015-02-04 20:03:00 +0000 (Wed, 04 Feb 2015)
New Revision: 31966
Modified:
data/CVE/list
Log:
Add one more file issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-04 18:57:31 UTC (rev 31965)
+++ data/CVE/list 2015-02-04 20:03:00 UTC (rev 31966)
@@ -9,6 +9,12 @@
[wheezy] - cabextract <no-dsa> (Minor issue)
[squeeze] - cabextract <no-dsa> (Minor issue)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/03/12
+CVE-2014-XXXX [Malformed elf file causes access to uninitialized memory]
+ - file <unfixed>
+ - php5 <not-affected> (readelf.c not used and even removed in 5.4.36-0+deb7u3)
+ NOTE: http://bugs.gw.com/view.php?id=409
+ NOTE: http://mx.gw.com/pipermail/file/2014/001649.html
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/04/13
CVE-2014-XXXX [NULL pointer dereference in unserialize.c:var_push_dtor]
- php5 <unfixed>
NOTE: https://bugs.php.net/bug.php?id=68545
More information about the Secure-testing-commits
mailing list