[Secure-testing-commits] r33271 - in data: CVE DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 31 04:40:40 UTC 2015


Author: carnil
Date: 2015-03-31 04:40:40 +0000 (Tue, 31 Mar 2015)
New Revision: 33271

Modified:
   data/CVE/list
   data/DSA/list
Log:
Add CVE-2015-2787/php5

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-31 04:29:22 UTC (rev 33270)
+++ data/CVE/list	2015-03-31 04:40:40 UTC (rev 33271)
@@ -14,6 +14,10 @@
 CVE-2013-XXXX [nbd-server: server dies if client asks for a non-existing export]
 	- nbd 1:3.4-1 (bug #781547)
 	TODO: check details
+CVE-2015-2787 [Use After Free Vulnerability in unserialize()]
+	{DSA-3198-1}
+	- php5 5.6.7+dfsg-1
+	NOTE: https://bugs.php.net/68976
 CVE-2015-2782 [buffer overflow]
 	- arj 3.10.22-13 (bug #774015)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/03/28/5

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-03-31 04:29:22 UTC (rev 33270)
+++ data/DSA/list	2015-03-31 04:40:40 UTC (rev 33271)
@@ -36,7 +36,7 @@
 	{CVE-2015-0252}
 	[wheezy] - xerces-c 3.1.1-3+deb7u1
 [20 Mar 2015] DSA-3198-1 php5 - security update
-	{CVE-2015-2301 CVE-2015-2331}
+	{CVE-2015-2301 CVE-2015-2331 CVE-2015-2787}
 	[wheezy] - php5 5.4.39-0+deb7u1
 [19 Mar 2015] DSA-3197-1 openssl - security update
 	{CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292}




More information about the Secure-testing-commits mailing list