[Secure-testing-commits] r35548 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 18 12:22:27 UTC 2015
Author: carnil
Date: 2015-07-18 12:22:27 +0000 (Sat, 18 Jul 2015)
New Revision: 35548
Modified:
data/CVE/list
Log:
Add two more php5 CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-18 12:13:25 UTC (rev 35547)
+++ data/CVE/list 2015-07-18 12:22:27 UTC (rev 35548)
@@ -1,3 +1,13 @@
+CVE-2015-5590 [Buffer overflow and stack smashing error in phar_fix_filepath]
+ - php5 <unfixed>
+ NOTE: https://bugs.php.net/bug.php?id=69923
+ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=6dedeb40db13971af45276f80b5375030aa7e76f
+ TODO: check affected versions
+CVE-2015-5589 [Segfault in Phar::convertToData on invalid file]
+ - php5 <unfixed>
+ NOTE: https://bugs.php.net/bug.php?id=69958
+ NOTE: http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
+ TODO: check affected versions
CVE-2015-5536
RESERVED
CVE-2015-5535
More information about the Secure-testing-commits
mailing list