[Secure-testing-commits] r31624 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jan 24 06:38:14 UTC 2015


Author: carnil
Date: 2015-01-24 06:38:14 +0000 (Sat, 24 Jan 2015)
New Revision: 31624

Modified:
   data/CVE/list
Log:
Add CVE-2015-0232/php5

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-24 06:35:19 UTC (rev 31623)
+++ data/CVE/list	2015-01-24 06:38:14 UTC (rev 31624)
@@ -4612,8 +4612,11 @@
 	RESERVED
 	- 389-admin <unfixed> (unimportant)
 	NOTE: Rendered unexploitable by /tmp hardening in Debian kernel
-CVE-2015-0232
+CVE-2015-0232 [Free called on unitialized pointer in exif.c]
 	RESERVED
+	- php5 <unfixed>
+	NOTE: https://bugs.php.net/patch-display.php?bug=68799&patch=bug68799fix&revision=1420966468
+	NOTE: https://bugs.php.net/bug.php?id=68799
 CVE-2015-0231 [use after free vulnerability in unserialize() (inclomplete fix of CVE-2014-8142)]
 	RESERVED
 	- php5 <unfixed>




More information about the Secure-testing-commits mailing list