[Secure-testing-commits] r34779 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sun Jun 7 10:53:14 UTC 2015
Author: jmm
Date: 2015-06-07 10:53:14 +0000 (Sun, 07 Jun 2015)
New Revision: 34779
Modified:
data/CVE/list
Log:
two php issues fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-07 09:08:35 UTC (rev 34778)
+++ data/CVE/list 2015-06-07 10:53:14 UTC (rev 34779)
@@ -2428,10 +2428,11 @@
CVE-2015-3329 [Buffer Overflow when parsing tar/zip/phar in phar_set_inode]
RESERVED
{DLA-212-1}
- - php5 <unfixed>
+ - php5 5.6.9+dfsg-1
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c
NOTE: https://bugs.php.net/bug.php?id=69441
NOTE: http://www.openwall.com/lists/oss-security/2015/04/16/22
+ NOTE: Fixed in 5.6.8 and 5.4.40
CVE-2015-3315
RESERVED
NOT-FOR-US: abrt is Red Hat / Fedora specific
@@ -3874,9 +3875,10 @@
CVE-2015-2783 [Buffer Over-read in unserialize when parsing Phar]
RESERVED
{DLA-212-1}
- - php5 <unfixed>
+ - php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69324
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
+ NOTE: Fixed in 5.6.8 and 5.4.40
CVE-2015-2781 (Cross-site scripting (XSS) vulnerability in cgi-bin/hotspotlogin.cgi ...)
NOT-FOR-US: Hotspot Express hotEx Billing Manager
CVE-2015-2780
More information about the Secure-testing-commits
mailing list