[Secure-testing-commits] r34322 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 18 12:09:31 UTC 2015
Author: carnil
Date: 2015-05-18 12:09:31 +0000 (Mon, 18 May 2015)
New Revision: 34322
Modified:
data/CVE/list
Log:
Updates for more CVE requests for php5
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-18 05:10:16 UTC (rev 34321)
+++ data/CVE/list 2015-05-18 12:09:31 UTC (rev 34322)
@@ -1,3 +1,19 @@
+CVE-2015-XXXX [various functions allow \0 in paths where they shouldn't]
+ - php5 <unfixed>
+ NOTE: https://bugs.php.net/bug.php?id=69418
+ NOTE: https://bugs.php.net/bug.php?id=68598
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/18/2
+ TODO: check
+CVE-2015-XXXX [DoS possibility due to ineffective parsing of form data]
+ - php5 <unfixed>
+ NOTE: https://bugs.php.net/bug.php?id=69364
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/18/2
+ TODO: check
+CVE-2015-XXXX [integer overflow on reading FTP server data leading to heap overflow]
+ - php5 <unfixed>
+ NOTE: https://bugs.php.net/bug.php?id=69545
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/18/2
+ TODO: check
CVE-2015-XXXX [Memory Corruption in phar_parse_tarfile when entry filename starts with null]
- php5 <unfixed>
NOTE: https://bugs.php.net/bug.php?id=69453
@@ -2,3 +18,3 @@
NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/17/2
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/17/2 and http://www.openwall.com/lists/oss-security/2015/05/18/2
TODO: check
More information about the Secure-testing-commits
mailing list