[Secure-testing-commits] r32301 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Feb 18 05:54:20 UTC 2015


Author: jmm
Date: 2015-02-18 05:54:20 +0000 (Wed, 18 Feb 2015)
New Revision: 32301

Modified:
   data/CVE/list
Log:
php non-issue (but fixed in jessie/sid anyway)


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-02-18 05:49:03 UTC (rev 32300)
+++ data/CVE/list	2015-02-18 05:54:20 UTC (rev 32301)
@@ -660,11 +660,11 @@
 	NOTE: http://mx.gw.com/pipermail/file/2014/001649.html
 	NOTE: http://www.openwall.com/lists/oss-security/2015/02/04/13
 CVE-2014-XXXX [NULL pointer dereference in unserialize.c:var_push_dtor]
-	- php5 <unfixed>
+	- php5 5.6.4+dfsg-1 (unimportant)
 	NOTE: https://bugs.php.net/bug.php?id=68545
 	NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=13f1c276ab72cf1a8a400fd013b9289d0018a340
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/04/5
-	TODO: check
+	NOTE: exploitable by malicious scripts only
 CVE-2014-XXXX [Multiple imagemagick bugs]
 	- imagemagick 8:6.8.9.9-4 (bug #773834)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2014/12/24/1




More information about the Secure-testing-commits mailing list