[Secure-testing-commits] r34333 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue May 19 05:02:47 UTC 2015


Author: carnil
Date: 2015-05-19 05:02:47 +0000 (Tue, 19 May 2015)
New Revision: 34333

Modified:
   data/CVE/list
Log:
CVE-2015-1353 will be REJECTED

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-05-19 05:00:54 UTC (rev 34332)
+++ data/CVE/list	2015-05-19 05:02:47 UTC (rev 34333)
@@ -7970,10 +7970,7 @@
 	[squeeze] - patch <not-affected>  (Not affected by CVE-2015-1196 and no incomplete fix applied)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/01/24/3
 CVE-2015-1353 (Multiple integer overflows in the calendar extension in PHP through ...)
-	- php5 <unfixed> (unimportant)
-	NOTE: Not a security issue, plain bug
-	NOTE: https://github.com/MegaManSec/php-src/commit/a538d2f5605798422f2746636ecdc300f8ebcaa1
-	NOTE: CVE assignment disputed, might be rejected; Details: http://www.openwall.com/lists/oss-security/2015/05/05/5
+	NOTE: To be rejected, remove note once REJECTED
 CVE-2015-XXXX [off-by-one buffer under-read in mspack/lzxd.c]
 	- libmspack 0.5-1 (bug #775499)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/03/11




More information about the Secure-testing-commits mailing list