[Secure-testing-commits] r34794 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sun Jun 7 21:10:17 UTC 2015
Author: sectracker
Date: 2015-06-07 21:10:17 +0000 (Sun, 07 Jun 2015)
New Revision: 34794
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-07 19:03:09 UTC (rev 34793)
+++ data/CVE/list 2015-06-07 21:10:17 UTC (rev 34794)
@@ -18,6 +18,7 @@
CVE-2015-4336
NOT-FOR-US: WordPress plugin xclonerbackupandrestore
CVE-2015-4335 [Redis EVAL Lua Sandbox Escape]
+ {DSA-3279-1}
- redis 2:3.0.2-1
[wheezy] - redis <not-affected> (Lua support introduced in version 2.6.0)
[squeeze] - redis <not-affected> (Lua support introduced in version 2.6.0)
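Review bot: The CVE-2015-4335 entry shows no NOTE with an upstream reference in the lines visible here, while the php5 entries touched by this same commit each carry a bug or commit link. With {DSA-3279-1} now attached and both wheezy and squeeze marked not-affected, a NOTE pointing at the upstream report or fixing commit would let a reader check the "Lua support introduced in version 2.6.0" reasoning from the tracker entry itself.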
@@ -618,28 +619,33 @@
RESERVED
CVE-2015-4026 [pcntl_exec() should not allow null char]
RESERVED
+ {DSA-3280-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=68598
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
CVE-2015-4025 [CVE-2006-7243 fix regressions in 5.4+]
RESERVED
+ {DSA-3280-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69418
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
CVE-2015-4024 [DoS possibility due to ineffective parsing of form data]
RESERVED
+ {DSA-3280-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69364
NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
CVE-2015-4022 [integer overflow on reading FTP server data leading to heap overflow]
RESERVED
+ {DSA-3280-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69545
NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/2
NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9
CVE-2015-4021 [Memory Corruption in phar_parse_tarfile when entry filename starts with null]
RESERVED
+ {DSA-3280-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69453
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
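Review bot: The last entry in this hunk, CVE-2015-4021, has no "NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9" line in the visible context, while the other four entries that receive {DSA-3280-1} here (CVE-2015-4026, -4025, -4024, -4022) all do. If that line is not simply beyond the trailing context, add it so the five entries tagged with the same advisory record the upstream fixed versions consistently.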
@@ -2431,7 +2437,7 @@
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
CVE-2015-3329 [Buffer Overflow when parsing tar/zip/phar in phar_set_inode]
RESERVED
- {DLA-212-1}
+ {DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c
NOTE: https://bugs.php.net/bug.php?id=69441
@@ -2686,7 +2692,7 @@
RESERVED
CVE-2015-3202
RESERVED
- {DSA-3268-2 DSA-3268-1 DSA-3266-1 DLA-226-2 DLA-226-1}
+ {DSA-3268-2 DSA-3268-1 DSA-3266-1 DLA-238-1 DLA-226-2 DLA-226-1}
- fuse 2.9.3-16 (bug #786439)
NOTE: Upstream fix: http://sourceforge.net/p/fuse/fuse/ci/fe2d96/
- ntfs-3g 1:2014.2.15AR.3-3 (bug #786475)
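Review bot: The CVE-2015-3202 header line has no bracketed description, unlike the other entries touched in this commit, and the entry tracks two source packages (fuse and ntfs-3g). The cross-reference line now lists six advisories, and nothing in the entry says which package the newly added DLA-238-1 covers. A short bracketed title on the CVE line would make the entry readable without opening each advisory.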
@@ -3880,7 +3886,7 @@
RESERVED
CVE-2015-2783 [Buffer Over-read in unserialize when parsing Phar]
RESERVED
- {DLA-212-1}
+ {DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
NOTE: https://bugs.php.net/bug.php?id=69324
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=17cbd0b5b78a7500f185b3781a2149881bfff8ae
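Review bot: The commit NOTE under CVE-2015-2783 (h=17cbd0b5b78a7500f185b3781a2149881bfff8ae) is the same hash that appears in the leading context of the -2431 hunk, where it belongs to the entry just above CVE-2015-3329. Now that {DSA-3280-1} is attached here, confirm that this one upstream commit really addresses both issues. If it does, a word in the NOTE saying so would help; if not, one of the two links is a copy and should point at the correct commit.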