[Secure-testing-commits] r35548 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jul 18 12:22:27 UTC 2015


Author: carnil
Date: 2015-07-18 12:22:27 +0000 (Sat, 18 Jul 2015)
New Revision: 35548

Modified:
   data/CVE/list
Log:
Add two more php5 CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-18 12:13:25 UTC (rev 35547)
+++ data/CVE/list	2015-07-18 12:22:27 UTC (rev 35548)
@@ -1,3 +1,13 @@
+CVE-2015-5590 [Buffer overflow and stack smashing error in phar_fix_filepath]
+	- php5 <unfixed>
+	NOTE: https://bugs.php.net/bug.php?id=69923
+	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
+	TODO: check affected versions
+CVE-2015-5589 [Segfault in Phar::convertToData on invalid file]
+	- php5 <unfixed>
+	NOTE: https://bugs.php.net/bug.php?id=69958
+	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
+	TODO: check affected versions
 CVE-2015-5536
 	RESERVED
 CVE-2015-5535




More information about the Secure-testing-commits mailing list